Lotus Domino server 5.0.9a and earlier allows remote attackers to bypass security restrictions and view Notes database files and possibly sensitive Notes template files (.ntf) via an HTTP request with a large number of "+" characters before the .nsf file extension, which are converted to spaces by Domino.
References
Configurations
Configuration 1 (hide)
|
History
20 Nov 2024, 23:38
Type | Values Removed | Values Added |
---|---|---|
References | () http://marc.info/?l=bugtraq&m=101284222932568&w=2 - | |
References | () http://marc.info/?l=bugtraq&m=101285903120879&w=2 - | |
References | () http://marc.info/?l=bugtraq&m=101286525008089&w=2 - | |
References | () http://www.iss.net/security_center/static/8072.php - | |
References | () http://www.nextgenss.com/papers/hpldws.pdf - Vendor Advisory | |
References | () http://www.securityfocus.com/bid/4022 - |
Information
Published : 2001-12-31 05:00
Updated : 2024-11-20 23:38
NVD link : CVE-2001-1567
Mitre link : CVE-2001-1567
CVE.ORG link : CVE-2001-1567
JSON object : View
Products Affected
ibm
- lotus_domino
- lotus_domino_server
CWE