Bugtraq mailing list archives
Re: Lotus Domino: security hole the size of Texas, plus somewhat smaller protocol auditing utility
From: paolo_armando () CEDATI COM
Date: Wed, 10 Jan 2001 10:15:17 -0000
[snip] ANY AUTHORIZED USER OF LOTUS DOMINO
MAIL SYSTEM CAN GAIN UNAUTIORIZED
ACCESS TO *ANY* MAILBOX IN THE SYSTEM BY
MODIFYING THE TRAFFIC BETWEEN HIS
CLIENT AND DOMINO SERVER OR BY
MODIFYING CLIENT SOFTWARE ITSELF.
[snip]
no, you are wrong. in the standard install everyone can read public documents (not mail) in the mail user db. for more info , go to : http://www.notes.net/46dom.nsf/df537c4a2ff2611f852 5689c005c6bf2/db3e837e8e9970c8852569d00032a2 2d!OpenDocument
Current thread:
- Lotus Domino: security hole the size of Texas, plus somewhat smaller protocol auditing utility Michal Zalewski (Jan 08)
- Re: Lotus Domino: security hole the size of Texas, plus somewhat smaller protocol auditing utility Andreas Siegert (Jan 10)
- <Possible follow-ups>
- Re: Lotus Domino: security hole the size of Texas, plus somewhat smaller protocol auditing utility Michal Zalewski (Jan 08)
- Re: Lotus Domino: security hole the size of Texas, plus somewhat smaller protocol auditing utility paolo_armando (Jan 10)