Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

Lotus Domino HTTP Server security issue

From: Frank Perreault <frank () harrystotle com>
Date: 7 Nov 2002 20:39:20 -0000


Lotus Domino http (version) banner will appear despite
notes.ini 'DominoNoBanner=1' setting. To recreate:
formulate a URL requesting a non-existing nsf database.

Example: 'http://serverAddress/nosuchdb.nsf&apos;

Has been verified on Lotus Domino 5.0.8, 5.0.9 and
5.0.9a.  IBM Support is documenting and assigning a SPR
number.  (Taken <a
href="http://hs.servehttp.com:9080/archives/00000042.html";>here</a>.)
Previous By Date Next
Previous By Thread Next

Current thread: