Bugtraq mailing list archives

Re: KPMG-2002006: Lotus Domino Physical Path Revealed

From: Joe Testa <jst3290 () rit edu>
Date: Tue, 02 Apr 2002 15:07:53 -0500

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

> Vulnerable:
> ===========
> - Lotus Domino 5.0.9 on Windows 2000 Server
> - Lotus Domino 5.0.9a on Windows 2000 Server
> - Older versions were not tested, but are likely to be vulnerable


Confirmed on Windows NT 4.0 Server with Lotus Domino 4.6.2a:

Error 500

Execution of Perl script c:\notes\data\domino\cgi-bin\com5.pl failed.Error = 2


Lotus-Domino/Release-4.6.2a



   - Joe Testa


GPG key:  http://www.cs.rit.edu/~jst3290/joetesta_r7.pub
A22B 2683 C40E 5443 AE52  AD6D 65B2 F5DF 4B11 06B4

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE8qg7+ZbL130sRBrQRAqGLAJ9tQmJ7cAwOfq6LbFd30HjmNtV7KQCeI+HW
zw0ybiwb64NFvBBFoBWtzS4=
=nc09
-----END PGP SIGNATURE-----

Current thread:

KPMG-2002006: Lotus Domino Physical Path Revealed Peter Gründl (Apr 02)
- Re: KPMG-2002006: Lotus Domino Physical Path Revealed Nicolas Gregoire (Apr 03)
- Re: KPMG-2002006: Lotus Domino Physical Path Revealed Joe Testa (Apr 03)