Home page logo
/

bugtraq logo Bugtraq mailing list archives

Re: Lotus Domino: security hole the size of Texas, plus somewhat smaller protocol auditing utility
From: paolo_armando () CEDATI COM
Date: Wed, 10 Jan 2001 10:15:17 -0000

[snip]
ANY AUTHORIZED USER OF LOTUS DOMINO 
MAIL SYSTEM CAN GAIN UNAUTIORIZED
ACCESS TO *ANY* MAILBOX IN THE SYSTEM BY 
MODIFYING THE TRAFFIC BETWEEN HIS
CLIENT AND DOMINO SERVER OR BY 
MODIFYING CLIENT SOFTWARE ITSELF.
[snip]
no, you are wrong. in the standard install everyone 
can read public documents (not mail) in the mail user 
db. for more info , go to : 
http://www.notes.net/46dom.nsf/df537c4a2ff2611f852
5689c005c6bf2/db3e837e8e9970c8852569d00032a2
2d!OpenDocument


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]