Home page logo
/

bugtraq logo Bugtraq mailing list archives

Lotus Domino password bypass
From: "Red Wolf" <red.wolf () onebox com>
Date: Mon, 04 Feb 2002 13:49:40 -0500

Short term fix...

Create a URL ---> Redirect URL
IP Address  (leave blank)
Incoming URL path : */*.ntf*
Redirection URL string : http://www.your_home_page_here.com

Was there any attempt to notify Lotus?

RedWolf

---------------------------------------------------------------------Web:
 http://qb0x.net                               Author: GabrielA.
Maggiotti
Date: Febrary 03, 2002                              E-mail:
gmaggiot () ciudad com ar
---------------------------------------------------------------------Summary
-------
A security vulnerability has been found in the popular Lotus Domino Web
server. Lotus Domino have files like webadmin.nsf, log.nsf and names.nfs,
 this files are protected by password.  I discover that is posible to
bypass this password if you create a malformed url....

__________________________________________________
FREE voicemail, email, and fax...all in one place.
Sign Up Now! http://www.onebox.com


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault