Lotus

Domino

12 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5

CVE-2002-2191

Exploit
  • EPSS 3.45%
  • Veröffentlicht 31.12.2002 05:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Lotus Domino 5.0.9a and earlier, even when configured with the 'DominoNoBanner=1' option, allows remote attackers to obtain potential sensitive information such as the version via a request for a non-existent .nsf database, which leaks the version in...

5

CVE-2002-0407

Exploit
  • EPSS 1.3%
  • Veröffentlicht 26.07.2002 04:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

htcgibin.exe in Lotus Domino server 5.0.9a and earlier allows remote attackers to determine the physical pathname for the server via requests that contain certain MS-DOS device names such as com5, such as (1) a request with a .pl or .java extension, ...

5

CVE-2002-0408

Exploit
  • EPSS 1.08%
  • Veröffentlicht 26.07.2002 04:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

htcgibin.exe in Lotus Domino server 5.0.9a and earlier, when configured with the NoBanner setting, allows remote attackers to determine the version number of the server via a request that generates an HTTP 500 error code, which leaks the version in a...

7.5

CVE-2002-0245

  • EPSS 0.9%
  • Veröffentlicht 29.05.2002 04:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Lotus Domino server 5.0.8 with NoBanner enabled allows remote attackers to (1) determine the physical path of the server via a request for a nonexistent file with a .pl (Perl) extension, which leaks the pathname in the error message, or (2) make any ...

2.1

CVE-2002-0087

  • EPSS 0.13%
  • Veröffentlicht 15.03.2002 05:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

bindsock in Lotus Domino 5.07 on Solaris allows local users to create arbitrary files via a symlink attack on temporary files.

5

CVE-2001-0954

  • EPSS 0.91%
  • Veröffentlicht 07.12.2001 05:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Lotus Domino 5.0.5 and 5.0.8, and possibly other versions, allows remote attackers to cause a denial of service (block access to databases that have not been previously accessed) via a URL that includes the . (dot) directory.

10

CVE-2001-0846

  • EPSS 3.57%
  • Veröffentlicht 06.12.2001 05:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Lotus Domino 5.x allows remote attackers to read files or execute arbitrary code by requesting the ReplicaID of the Web Administrator template file (webadmin.ntf).

5

CVE-2001-0939

  • EPSS 0.91%
  • Veröffentlicht 30.11.2001 05:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Lotus Domino 5.08 and earlier allows remote attackers to cause a denial of service (crash) via a SunRPC NULL command to port 443.

5

CVE-2001-1018

  • EPSS 0.63%
  • Veröffentlicht 20.09.2001 04:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Lotus Domino web server 5.08 allows remote attackers to determine the internal IP address of the server when NAT is enabled via a GET request that contains a long sequence of / (slash) characters.

5

CVE-2000-1203

  • EPSS 0.91%
  • Veröffentlicht 20.08.2001 04:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Lotus Domino SMTP server 4.63 through 5.08 allows remote attackers to cause a denial of service (CPU consumption) by forging an email message with the sender as bounce@[127.0.0.1] (localhost), which causes Domino to enter a mail loop.