Vulnerability Development mailing list archives
Re[2]: UserID and hashed password for Lotus Domino
From: Philip Storry <phil () philipstorry net>
Date: Sun, 20 Oct 2002 21:03:04 +0100
Hello HalbaSus,

Saturday, October 19, 2002, 1:16:48 PM, you wrote:

H> Hi, I am doing a test for a company also running Lotus Domino. I tried
H> names nsf yet it asks for an authentication. According to
H> http://packetstormsecurity.nl/0202-exploits/lotus.domino.bypass.txt
H> there is a way to bypass the authentication by sending a buffer. I did
H> a quick perl script that would brute force that buffer and I found
H> something quite interesting.
H> An url like http://www.host.com/log.ntf++++x215+++++++.nsf would get me
H> the same page as www.host.com/log.nsf (any other buffer would result in
H> a server error) This gives me the feeling that the exploit does work,
H> and what I'm actually seeing is log.ntf (not log.nsf) but probably the 2
H> files are identical... or maybe I'm wrong... anyway, could you, or
H> somebody else concerned about lotus domino security give me a clue about
H> all this stuff.

I think you're referring to this vulnerability:
http://www-1.ibm.com/support/docview.wss?rs=1&org=sims&doc=0B0C94EBE9401D7B85256B5A006DECFC

(The URL will probably be wrapped by an MTA somewhere - sorry about that.)

This is cured in Domino R5.0.9, by the looks of it.

Which version of Domino are you using? Lotus would probably be interested to
know if there's a version after that which is still vulnerable.

--
Best regards,
 Philip
 mailto:phil () philipstorry net
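
Added example, not part of the message above or of the thread: a log check a Domino administrator could run to find requests shaped like the URL quoted in the message (a `.ntf` name padded with `+` characters and ending in `.nsf`). The Common Log Format layout, the sample lines, and the names `is_padded_ntf_request` and `scan` are assumptions made for this illustration.

```python
import re
from urllib.parse import unquote

# One path segment that names a Notes template (.ntf), carries a run of three
# or more '+' or space characters as padding, and ends in .nsf. This is the
# shape of the URL quoted in the message: log.ntf++++x215+++++++.nsf
PADDED_NTF = re.compile(r"\.ntf[^/]*[+ ]{3,}[^/]*\.nsf(?:/|$)", re.IGNORECASE)

# Request field and status code of a Common Log Format line (assumed layout).
REQUEST = re.compile(r'"[A-Z]+ (?P<target>\S+) HTTP/[\d.]+" (?P<status>\d{3})')

def is_padded_ntf_request(target: str) -> bool:
    """True when the request path matches the padded .ntf ... .nsf shape."""
    # Drop the query part (?OpenDatabase etc.), then decode %2B / %20 so that
    # percent-encoded padding is caught as well.
    path = unquote(target.split("?", 1)[0])
    return bool(PADDED_NTF.search(path))

def scan(lines):
    """Return (line number, status, target) for every suspicious request."""
    hits = []
    for number, line in enumerate(lines, 1):
        match = REQUEST.search(line)
        if match and is_padded_ntf_request(match.group("target")):
            hits.append((number, match.group("status"), match.group("target")))
    return hits

# Constructed sample lines (documentation addresses, not real traffic).
SAMPLE = [
    '192.0.2.10 - - [20/Oct/2002:21:03:04 +0100] "GET /log.nsf HTTP/1.0" 401 210',
    '192.0.2.10 - - [20/Oct/2002:21:03:09 +0100] "GET /log.ntf++++x215+++++++.nsf HTTP/1.0" 200 5120',
    '192.0.2.11 - - [20/Oct/2002:21:04:00 +0100] "GET /names.ntf%2B%2B%2B%2B.nsf?OpenDatabase HTTP/1.0" 500 98',
    '192.0.2.12 - - [20/Oct/2002:21:05:00 +0100] "GET /help/readme.nsf HTTP/1.0" 200 777',
]

if __name__ == "__main__":
    for number, status, target in scan(SAMPLE):
        # A 2xx status on a padded request deserves the closest look: the
        # message describes such a URL returning the page, not an error.
        print(f"line {number}: status {status}: {target}")
```

A hit with a success status on a server older than the fixed release named in the message (R5.0.9) is the case to follow up first.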