Bugtraq mailing list archives
bugtraq id 2173 Lotus Domino Server
From: Alan Bell <ABell () INTEC CO UK>
Date: Tue, 9 Jan 2001 11:02:32 +0000
Further information on this issue: 1) This issue has been reproduced on several versions of domino prior to 5.0.5 2) My testing has failed to reproduce this issue on Linux and OS/400 (AS/400) 3) To secure your boxes create 3 file protection documents for each server granting no access to the following paths. /.nsf/../ /.box/../ /.ns4/../ the other common domino extensions .ns3 and .ntf do not appear to be vulnerable. This is not a Lotus supported solution (as yet) so there may be additional similar paths with this behaviour. You should watch http://www.notes.net for an upgrade which will probably appear as 5.0.6a. Alan.
Current thread:
- bugtraq id 2173 Lotus Domino Server Alan Bell (Jan 09)
- Re: bugtraq id 2173 Lotus Domino Server Hendrik-Jan Verheij (Jan 09)