Vulnerability Development mailing list archives
Lotus Domino password bypass
From: "Red Wolf" <red.wolf () onebox com>
Date: Mon, 04 Feb 2002 13:49:40 -0500
Short term fix... Create a URL ---> Redirect URL IP Address (leave blank) Incoming URL path : */*.ntf* Redirection URL string : http://www.your_home_page_here.com Was there any attempt to notify Lotus? RedWolf ---------------------------------------------------------------------Web: http://qb0x.net Author: GabrielA. Maggiotti Date: Febrary 03, 2002 E-mail: gmaggiot () ciudad com ar ---------------------------------------------------------------------Summary ------- A security vulnerability has been found in the popular Lotus Domino Web server. Lotus Domino have files like webadmin.nsf, log.nsf and names.nfs, this files are protected by password. I discover that is posible to bypass this password if you create a malformed url.... __________________________________________________ FREE voicemail, email, and fax...all in one place. Sign Up Now! http://www.onebox.com
Current thread:
- RE: Lotus Domino password bypass Jens H. Christensen (Feb 04)
- <Possible follow-ups>
- Re: Lotus Domino password bypass David Litchfield (Feb 04)
- Lotus Domino password bypass Red Wolf (Feb 04)