Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

bugtraq logo Bugtraq mailing list archives

Lotus Domino password bypass
From: "Red Wolf" <red.wolf () onebox com>
Date: Mon, 04 Feb 2002 13:49:40 -0500
Short term fix...

Create a URL ---> Redirect URL
IP Address  (leave blank)
Incoming URL path : */*.ntf*
Redirection URL string : http://www.your_home_page_here.com

Was there any attempt to notify Lotus?

RedWolf

---------------------------------------------------------------------Web:
 http://qb0x.net                               Author: GabrielA.
Maggiotti
Date: Febrary 03, 2002                              E-mail:
gmaggiot () ciudad com ar
---------------------------------------------------------------------Summary
-------
A security vulnerability has been found in the popular Lotus Domino Web
server. Lotus Domino have files like webadmin.nsf, log.nsf and names.nfs,
 this files are protected by password.  I discover that is posible to
bypass this password if you create a malformed url....

__________________________________________________
FREE voicemail, email, and fax...all in one place.
Sign Up Now! http://www.onebox.com

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]