Bugtraq mailing list archives
Re: Lotus Notes HTTP cgi-bin vulnerability: possible workaround
From: Jens_Frank () EXCHANGE DE (Jens Frank)
Date: Thu, 23 Dec 1999 09:14:55 +0100
Hi,

the described workaround does work for Notes-Servers not using CGI at all. However, there is still a problem with hiding the cgi's in a different script directory:

    GET /cgi-bin/test HTTP/1.0

    HTTP/1.1 200 Found
    Server: Lotus-Domino/Release-4.6.2a
    Date: Thu, 23 Dec 1999 07:58:37 GMT
    Content-Base: http://192.168.64.8/CeGeIh/test
    Content-Type: text/html
    Content-Length: 1841

Notes sends the "real" script directory in the Content-Base field of the header. Using this information, the machine can still be crashed. (tested successfully)

This is tested with 4.6.2a only since I don't have any other versions.

Greetings,
jens

--
Jens Frank, Unix Systems
Deutsche Boerse AG
Fon +49 69 2101 5099
Fax +49 69 2101 3831
