Re: Lotus Notes

From: David Barnett (dbarn064at_private)
Date: Thu Nov 28 2002 - 05:50:29 PST


    Well I must concur with Chad as Notes default installs are wide open. 
    Rarely when doing Pen tests have I found a correctly secured Notes/Domino 
    server. Permissions are rarely correct for databases. While I am sure 
    NexPose has done a fine job with their Vuln scanner, I have tried <unbiased 
    commercial plug> AppDetective, which works really well for Lotus and Domino scans!!
    You can also use N-Stealth or any of your favorite web scanners and add the 
    following files:
    
    /852566C90012664F
    /admin4.nsf
    /admin5.nsf
    /admin.nsf
    /agentrunner.nsf
    /alog.nsf
    /a_domlog.nsf
    /bookmark.nsf
    /busytime.nsf
    /catalog.nsf
    /certa.nsf
    /certlog.nsf
    /certsrv.nsf
    /chatlog.nsf
    /clbusy.nsf
    /cldbdir.nsf
    /clusta4.nsf
    /collect4.nsf
    /da.nsf
    /dba4.nsf
    /dclf.nsf
    /DEASAppDesign.nsf
    /DEASLog01.nsf
    /DEASLog02.nsf
    /DEASLog03.nsf
    /DEASLog04.nsf
    /DEASLog05.nsf
    /DEASLog.nsf
    /decsadm.nsf
    /decslog.nsf
    /DEESAdmin.nsf
    /dirassist.nsf
    /doladmin.nsf
    /domadmin.nsf
    /domcfg.nsf
    /domguide.nsf
    /domlog.nsf
    /dspug.nsf
    /events4.nsf
    /events5.nsf
    /events.nsf
    /event.nsf
    /homepage.nsf
    /iNotes/Forms5.nsf/$DefaultNav
    /jotter.nsf
    /leiadm.nsf
    /leilog.nsf
    /leivlt.nsf
    /log4a.nsf
    /log.nsf
    /l_domlog.nsf
    /mab.nsf
    /mail10.box
    /mail1.box
    /mail2.box
    /mail3.box
    /mail4.box
    /mail5.box
    /mail6.box
    /mail7.box
    /mail8.box
    /mail9.box
    /mail.box
    /msdwda.nsf
    /mtatbls.nsf
    /mtstore.nsf
    /names.nsf
    /nntppost.nsf
    /nntp/nd000001.nsf
    /nntp/nd000002.nsf
    /nntp/nd000003.nsf
    /ntsync45.nsf
    /perweb.nsf
    /qpadmin.nsf
    /quickplace/quickplace/main.nsf
    /reports.nsf
    /sample/siregw46.nsf
    /schema50.nsf
    /setupweb.nsf
    /setup.nsf
    /smbcfg.nsf
    /smconf.nsf
    /smency.nsf
    /smhelp.nsf
    /smmsg.nsf
    /smquar.nsf
    /smsolar.nsf
    /smtime.nsf
    /smtpibwq.nsf
    /smtpobwq.nsf
    /smtp.box
    /smtp.nsf
    /smvlog.nsf
    /srvnam.htm
    /statmail.nsf
    /statrep.nsf
    /stauths.nsf
    /stautht.nsf
    /stconfig.nsf
    /stconf.nsf
    /stdnaset.nsf
    /stdomino.nsf
    /stlog.nsf
    /streg.nsf
    /stsrc.nsf
    /userreg.nsf
    /vpuserinfo.nsf
    /webadmin.nsf
    /web.nsf
    /.nsf/../winnt/win.ini
    /?Open
    
    
    
    At 01:28 AM 11/27/2002 -0500, svetsanjat_private wrote:
    
    >We are doing penetration testing for a client who has Lotus Notes. We
    >were able to access the catalog.nsf file from the web and other admin
    >pages such as the user list page, connections page, database page etc.
    >
    >Question is, is this just a low level threat or can a hacker use this
    >info to hack further. Also clicking on some of the admin pages brings up
    >a default page which says click here to access page. On a Notes client
    >it's possible to click that page but not through HTTP. Is there a
    >workaround URL that bypasses that page?
    >
    >         SKP
    >
    >----------------------------------------------------------------------------
    >This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
    >Service. For more information on SecurityFocus' SIA service which
    >automatically alerts you to the latest security vulnerabilities please see:
    >https://alerts.securityfocus.com/
    
    
    
    
    



    This archive was generated by hypermail 2b30 : Thu Nov 28 2002 - 10:10:23 PST
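
For the defending side of the point made in the message above (default Domino databases left readable over HTTP), the following is an added example, not part of the original post: it reads web access log lines and reports which of the listed default databases were served to unauthenticated clients, which clients swept several of them, and which sent the `/.nsf/../` style request. The Common Log Format input, the sample lines, the IP addresses and the sweep threshold are constructed assumptions; the watched paths are a subset of the list in the message.

```python
import re
from collections import defaultdict
from urllib.parse import unquote, urlsplit

# Subset of the default Domino paths listed in the message above.
WATCHED = {"/names.nsf", "/catalog.nsf", "/log.nsf", "/webadmin.nsf",
           "/admin4.nsf", "/domcfg.nsf", "/domlog.nsf", "/mail.box"}
# Assumed Common Log Format: ip ident user [time] "METHOD target PROTO" status size
CLF = re.compile(r'^(\S+) \S+ (\S+) \[[^\]]*\] "(\S+) (\S+)[^"]*" (\d{3}) ')
DB = re.compile(r"(/[^/]+\.(?:nsf|box))(?:/|$)")  # top-level database in the path

def classify(line):
    """Return (ip, kind, path) for a request worth reporting, else None."""
    m = CLF.match(line)
    if not m:
        return None
    ip, user, _method, target, status = m.groups()
    # Decode and lower-case so /NAMES.NSF and %2e%2e are treated like the plain forms.
    path = unquote(urlsplit(target).path).lower()
    if ".." in path.split("/"):
        return ip, "traversal", path
    db = DB.match(path)
    if not db or db.group(1) not in WATCHED:
        return None
    # A 2xx answer with no authenticated user means the database ACL allows Anonymous.
    kind = "anonymous-read" if status.startswith("2") and user == "-" else "probe"
    return ip, kind, db.group(1)

def summarise(lines, sweep_threshold=3):
    exposed, traversal, probed = set(), set(), defaultdict(set)
    for line in lines:
        hit = classify(line)
        if hit is None:
            continue
        ip, kind, path = hit
        if kind == "traversal":
            traversal.add(ip)
            continue
        probed[ip].add(path)
        if kind == "anonymous-read":
            exposed.add(path)
    sweepers = sorted(ip for ip, dbs in probed.items() if len(dbs) >= sweep_threshold)
    return {"exposed": sorted(exposed), "sweepers": sweepers, "traversal": sorted(traversal)}

T = "[28/Nov/2002:05:50:29 -0800]"
SAMPLE = [  # constructed log lines, documentation-range addresses
    f'203.0.113.7 - - {T} "GET /names.nsf HTTP/1.0" 401 210',
    f'203.0.113.7 - - {T} "GET /catalog.nsf?OpenDatabase HTTP/1.0" 200 5120',
    f'203.0.113.7 - - {T} "GET /log.nsf HTTP/1.0" 401 210',
    f'203.0.113.7 - - {T} "GET /.nsf/../winnt/win.ini HTTP/1.0" 404 0',
    f'198.51.100.20 - jdoe {T} "GET /NAMES.NSF/People HTTP/1.0" 200 900',
    f'198.51.100.20 - jdoe {T} "GET /app/orders.nsf HTTP/1.0" 200 900',
]
```

Every path reported under `exposed` is a database whose ACL should be reviewed so that Anonymous and Default entries have no access.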