Page 2 of 31 results (0.008 seconds)

CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 1

htcgibin.exe in Lotus Domino server 5.0.9a and earlier, when configured with the NoBanner setting, allows remote attackers to determine the version number of the server via a request that generates an HTTP 500 error code, which leaks the version in a hard-coded error message. • http://marc.info/?l=bugtraq&m=101310812804716&w=2 http://marc.info/?l=bugtraq&m=101785616526383&w=2 http://www.securityfocus.com/bid/4049 •

CVSS: 7.5EPSS: 0%CPEs: 13EXPL: 0

Lotus Domino server 5.0.8 with NoBanner enabled allows remote attackers to (1) determine the physical path of the server via a request for a nonexistent file with a .pl (Perl) extension, which leaks the pathname in the error message, or (2) make any request that causes an HTTP 500 error, which leaks the server's version name in the HTTP error message. El servidor 5.0.8 de Lotus Domino con NoBanner habilitado permite que atacantes remotos (1) conozcan el path físico del servidor por medio de una petición de un fichero no existente con una estensión .pl (Perl), lo cual hace que se muestre el path absoluto en el mensaje de error, o (2) hagan cualquier petición que cause el error 500 de HTTP, lo cual lleva a que aparezca el nombre de la versión del servidor en el mensaje de error HTTP. • http://marc.info/?l=bugtraq&m=101310812804716&w=2 http://www-1.ibm.com/support/manager.wss?rs=1&rt=0&org=sims&doc=07B32060E4CC97E985256B64005AEB0F http://www.iss.net/security_center/static/8160.php http://www.securityfocus.com/bid/4049 •

CVSS: 2.1EPSS: 0%CPEs: 1EXPL: 0

bindsock in Lotus Domino 5.07 on Solaris allows local users to create arbitrary files via a symlink attack on temporary files. bindsock en Lotus Domino 5.07 en Solaris permite a usuarios locales crear ficheros arbitrarios mediante un ataque de enlaces simbólicos (symlink attack) en ficheros temporales. • http://www-1.ibm.com/support/docview.wss?rs=0&uid=swg21095671 http://www.esecurityonline.com/advisories/eSO4125.asp http://www.securityfocus.com/bid/4318 https://exchange.xforce.ibmcloud.com/vulnerabilities/8586 •

CVSS: 5.0EPSS: 1%CPEs: 2EXPL: 0

Lotus Domino 5.0.5 and 5.0.8, and possibly other versions, allows remote attackers to cause a denial of service (block access to databases that have not been previously accessed) via a URL that includes the . (dot) directory. • http://marc.info/?l=bugtraq&m=100780146532131&w=2L:1 http://www-1.ibm.com/support/manager.wss?rs=1&rt=0&org=sims&doc=255CC03D83CFF50C85256B1E005E349B http://www.osvdb.org/2000 http://www.securityfocus.com/bid/3656 https://exchange.xforce.ibmcloud.com/vulnerabilities/7684 •

CVSS: 10.0EPSS: 2%CPEs: 14EXPL: 0

Lotus Domino 5.x allows remote attackers to read files or execute arbitrary code by requesting the ReplicaID of the Web Administrator template file (webadmin.ntf). • http://marc.info/?l=bugtraq&m=100448721830960&w=2 http://www.iss.net/security_center/static/7424.php http://www.osvdb.org/1979 https://exchange.xforce.ibmcloud.com/vulnerabilities/7424 •