Schweregrad: : Crítico
  Data do informe: 04 fevereiro 2011

  Descrição

Lotus Domino 5.0.6 or lower versions has a vulnerability wherein a remote user can gain access to a known file residing in the server. A specially crafted request can be sent to access a known filename which will display the content of the file with read permission. This could enable a remote attacker to gain access to systems files, password files, etc, that could lead to a complete compromise of the host.

  Exposição das informações

Users of Trend Micro PC-cillin Internet Security and Network VirusWall can detect this exploit at the network layer with Network Virus Pattern (NVP) 10173 or later.
Download the latest NVW pattern file from the following site:   
http://www.trendmicro.com/download/product.asp?productid=45

  Software infectado e versão:

  • Lotus Domino 5.0.6
  • Lotus Domino 5.0.5
  • Lotus Domino 5.0.3
  • Lotus Domino 5.0.2