Lotus Domino 5.0.8-9 - Non-Existent NSF Database Banner Information Disclosure

EDB-ID:

21996

CVE:

2002-2191

EDB Verified:

Author:

Frank Perreault

Type:

remote

Exploit: /

Platform:

Multiple

Date:

2002-11-07

Vulnerable App:

source: https://www.securityfocus.com/bid/6128/info


Lotus Domino reportedly discloses sensitive banner information when a non-existent NSF database is requested. This may allow a remote attacker to discover information about the layout of the filesystem.

This issue is present on Lotus Domino Server with the 'DominoNoBanner' set to a value of '1'.

http://www.example.com/nosuchdb.nsf

Tags:

Advisory/Source: Link

Databases	Links	Sites	Solutions
Exploits	Search Exploit-DB	OffSec	Courses and Certifications
Google Hacking	Submit Entry	Kali Linux	Learn Subscriptions
Papers	SearchSploit Manual	VulnHub	OffSec Cyber Range
Shellcodes	Exploit Statistics		Proving Grounds
			Penetration Testing Services