Test Kennung:	1.3.6.1.4.1.25623.1.0.10953
Kategorie:	Web Servers
Titel:	Authentication bypassing in Lotus Domino
Zusammenfassung:	By creating a specially crafted url, the authentication mechanism of; Domino database can be circumvented.
Beschreibung:	Summary: By creating a specially crafted url, the authentication mechanism of Domino database can be circumvented. Vulnerability Insight: These URLS should look like: http://example.com/.ntf.nsf/ in which has a certain length. Vulnerability Impact: This is a severe risk, as an attacker is able to access most of the authentication protected databases. As such, confidential information can be looked into and configurations can mostly be altered. Solution: Upgrade to the latest version of Domino. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Querverweis:	BugTraq ID: 4022 Common Vulnerability Exposure (CVE) ID: CVE-2001-1567 http://www.securityfocus.com/bid/4022 Bugtraq: 20020204 Lotus Domino password bypass (Google Search) http://marc.info/?l=bugtraq&m=101284222932568&w=2 http://marc.info/?l=bugtraq&m=101286525008089&w=2 Bugtraq: 20020204 Re: Lotus Domino password bypass (Google Search) http://marc.info/?l=bugtraq&m=101285903120879&w=2 http://www.nextgenss.com/papers/hpldws.pdf http://www.iss.net/security_center/static/8072.php
Copyright	Copyright (C) 2002 Davy Van De Moere

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.