[ Advisory for Lotus Domino webserver ]
[ Lotus Domino is made by Lotus. ]
[ Site: http://www.lotus.com ]
[ by nemesystm of the DHC ]
[ (http://dhcorp.cjb.net - neme-dhcat_private) ]
[ ADV-0101 ]

/-|=[explanation]=|-\
Lotus Domino is a webserver. It has a simple problem that reveals the physical path of the server's files.

/-|=[who is vulnerable]=|-\
Lotus-Domino Release-4.6.2
Lotus-Domino Release-4.6.3
Lotus-Domino Release-4.6.6

The above are versions I am sure of, but I assume most 4.6.x and lower versions are vulnerable. For some reason Lotus-Domino Release-5.0.2 sometimes showed the physical path and sometimes it did not. I do not know the reason for this.

NOT vulnerable is
Lotus-Domino Release-4.6.7(Intl)
Lotus-Domino Release-5.0.3
Lotus-Domino Release-5.0.4
Lotus-Domino Release-5.0.5
Lotus-Domino Release-5.0.6

This works on both NT and non-NT computers.

/-|=[testing it]=|-\
To test this vulnerability, try the following.
www.server.com/cgi-bin/a/../a
This should give you an error with a physical path.

/-|=[notes]=|-\
Seeing as this can be fixed by upgrading I did not e-mail Lotus.
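For defenders, the two observable sides of this advisory are the request shape (a `..` segment under `/cgi-bin/`) and the symptom (an error page that contains an absolute filesystem path). The following is an added example, not part of the advisory, that checks both over constructed access-log lines and a constructed error body; the Windows path in the sample body is a placeholder, not a real Domino install path.

```python
"""Detection helpers for the Domino path-disclosure advisory above."""
import re
from urllib.parse import unquote

# Common Log Format: host ident user [time] "METHOD path HTTP/x" status size
_CLF = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3}) \S+')

# Absolute path shapes: a Windows drive path, or a Unix path under common roots
_PHYS_PATH = re.compile(
    r'(?:[A-Za-z]:\\(?:[^\\\s"<>]+\\)+[^\\\s"<>]*'
    r'|/(?:usr|opt|var|home|export|lotus|notes)/[^\s"<>]+)'
)

def cgi_bin_traversal(path: str) -> bool:
    """True if a request path targets /cgi-bin/ and carries a '..' segment.
    URL-decoding first catches %2e%2e spellings of the same request."""
    decoded = unquote(path.split('?', 1)[0])
    return '/cgi-bin/' in decoded.lower() and '..' in decoded.split('/')

def flag_access_log(lines):
    """Return (client, path, status) for each suspicious cgi-bin request."""
    hits = []
    for line in lines:
        m = _CLF.match(line)
        if m and cgi_bin_traversal(m.group(3)):
            hits.append((m.group(1), m.group(3), int(m.group(4))))
    return hits

def leaked_paths(body: str):
    """Return absolute filesystem paths found in an error-page body;
    a non-empty result is the disclosure symptom the advisory describes."""
    return _PHYS_PATH.findall(body)

# Constructed sample log lines (RFC 5737 documentation addresses)
SAMPLE_LOG = [
    '203.0.113.5 - - [17/Apr/2001:10:01:02 -0700] "GET /cgi-bin/a/../a HTTP/1.0" 500 312',
    '203.0.113.5 - - [17/Apr/2001:10:01:09 -0700] "GET /cgi-bin/a/%2e%2e/a HTTP/1.0" 500 312',
    '198.51.100.9 - - [17/Apr/2001:10:02:00 -0700] "GET /names.nsf?OpenDatabase HTTP/1.0" 200 8120',
    '198.51.100.9 - - [17/Apr/2001:10:02:01 -0700] "GET /cgi-bin/counter.exe HTTP/1.0" 200 45',
]
# Constructed error body with a placeholder install path
SAMPLE_BODY = 'Error - File does not exist: C:\\Lotus\\Domino\\data\\domino\\cgi-bin\\a'

if __name__ == '__main__':
    print(flag_access_log(SAMPLE_LOG))
    print(leaked_paths(SAMPLE_BODY))
```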
This archive was generated by hypermail 2b30 : Tue Apr 17 2001 - 11:44:58 PDT