Vulnerability Development mailing list archives
Re: Lotus Domino 5.0.5 Web Server vulnerability - reading files outside the web root
From: Ninke Westra <ninke () B-B NL>
Date: Wed, 10 Jan 2001 17:58:20 +0100
Using file-protection or URL-redirection only works for the original exploit. Both methods won't protect you from variations like using /.ns4/../ or dummydirectory/.nsf/../../ to access the intended file. The number of possible dummy directories is nearly limitless, which clearly defeats the use of these two workarounds.

The solution offered by Leonardo Rodrigues <coelho () PERSOGO COM BR> on the bugtraq list is the best solution I've encountered so far. Leonardo's fix involves adding a line to the domino\data\httpd.cnf file:

map */../* /somedatabase.nsf

Restart the domino server and you should be ok (there is a chance that it might interfere with some relative links - one could try mapping */.* - I haven't tried this yet, nor have I encountered any such problem on our servers.)

Ninke Westra - Principal Certified Lazy Person :P

Stefan Schmidt <sschmidt () INTRAWARE DE>
Sent by: VULN-DEV List <VULN-DEV () SECURITYFOCUS COM>
09-01-01 16:29
Please respond to sschmidt

To: VULN-DEV () SECURITYFOCUS COM
cc:
Subject: Re: Lotus Domino 5.0.5 Web Server vulnerability - reading files outside the web root

You can temporarily fix the problem by creating a file protection. Protect /.nsf/../ and set Default to no access. Also protect .ns4 and .box. The file protection will give you a login-prompt.

Stefan Schmidt
Manager IT
IntraWare AG
Brueckenmuehle 93 | D-36100 Petersberg
Phone +49 (0) 661/96 42-162 / Fax +49 (0) 661 - 96 42 99-162
Mobile +49 (0) 170/91 222 92
sschmidt () intraware de
http://www.intraware.de
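The point of Ninke's reply is that a rule anchored on the literal prefix /.nsf/../ only covers the one URL shape the original exploit used, while a wildcard map on */../* covers every directory-name variation at once, at the cost of also catching legitimate relative links. The script below, an added example that is not code from the thread or from Lotus, makes that concrete by running both rules over a handful of constructed request paths. It assumes the httpd.cnf map pattern is matched as a shell-style glob (modelled here with fnmatch), and that Domino file protection matches on the URL path prefix; both are assumptions made for illustration, not facts stated in the thread, and the target file names in the sample paths are placeholders.

```python
"""Compare a literal file-protection rule with the */../* map rule from the thread.

Added example (not from the mailing-list thread). Sample request paths are
constructed; 'target.txt' is a placeholder, not a real Domino file name.
"""
import fnmatch

# Stefan Schmidt's workaround, modelled as a URL-path prefix (assumption:
# Domino file protection is applied to a directory path, i.e. a prefix).
LITERAL_PROTECTED_PREFIX = "/.nsf/../"

# Leonardo Rodrigues' fix as relayed by Ninke: map */../* /somedatabase.nsf
# Assumption: the map pattern behaves like a shell glob, so '*' also spans '/'.
MAP_RULE = "*/../*"

# Constructed request paths. The first is the shape of the original exploit,
# the next two are the variations Ninke lists, then a normal Domino URL, and
# finally a relative link of the kind Ninke warns the map rule may interfere with.
SAMPLE_PATHS = {
    "original":        "/.nsf/../target.txt",
    "ns4_variant":     "/.ns4/../target.txt",
    "dummy_directory": "/dummydirectory/.nsf/../../target.txt",
    "normal_view":     "/names.nsf/People?OpenView",
    "relative_link":   "/somedb.nsf/view/../doc",
}


def literal_rule_blocks(path: str) -> bool:
    """File protection on the literal /.nsf/../ prefix: only the original shape hits."""
    return path.startswith(LITERAL_PROTECTED_PREFIX)


def map_rule_redirects(path: str) -> bool:
    """httpd.cnf 'map */../*': any path containing a /../ segment is redirected."""
    return fnmatch.fnmatchcase(path, MAP_RULE)


def evaluate(paths: dict) -> dict:
    """Return, per sample, whether each workaround would stop the request."""
    return {
        name: {
            "literal_rule": literal_rule_blocks(path),
            "map_rule": map_rule_redirects(path),
        }
        for name, path in paths.items()
    }


def variations_missed_by_literal_rule(paths: dict) -> list:
    """Traversal attempts the literal rule lets through but the map rule catches."""
    return [
        name for name, path in paths.items()
        if map_rule_redirects(path) and not literal_rule_blocks(path)
    ]


if __name__ == "__main__":
    for name, verdict in evaluate(SAMPLE_PATHS).items():
        print(f"{name:16s} literal={verdict['literal_rule']!s:5s} map={verdict['map_rule']}")
    print("missed by literal rule:", variations_missed_by_literal_rule(SAMPLE_PATHS))
```

Running it shows the literal rule stopping only the original /.nsf/../ shape, the map rule stopping all three traversal shapes, and the map rule also firing on the relative-link sample, which is exactly the side effect Ninke flags as untested on their servers.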
Current thread:
- Re: Lotus Domino 5.0.5 Web Server vulnerability - reading files outside the web root Stefan Schmidt (Jan 09)
- Re: Lotus Domino 5.0.5 Web Server vulnerability - reading files outside the web root Blue Boar (Jan 10)
- <Possible follow-ups>
- Re: Lotus Domino 5.0.5 Web Server vulnerability - reading files outside the web root Ninke Westra (Jan 10)