mailing list archives
WORKAROUND: Lotus Domino 5.0.5 Web Server vulnerability
From: Leonardo Rodrigues <coelho () PERSOGO COM BR>
Date: Tue, 9 Jan 2001 10:56:47 -0300
Well, as Lotus haven't released a fix for the *confirmed* bug, we
get a workaround. Adding the following line:
map */../* /something.nsf
at httpd.conf, seems to handle the bug. You should notice that
EVERYTHING using ../ links will stop working too, including the bug !
We tested this on NT4 sp6a and Domino 5.0.5, and we COULDN'T get
the bug working after those lines were added.
As we couldn't reproduce the bug on Linux Domino servers, and
seems that nobody could, we don't think adding those lines on Linux
httpd.conf servers is necessary.
Solution Web ( http://www.solutionweb.com.br )