CVE Vulnerabilities

CVE-2001-1567

Published: Dec 31, 2001 | Modified: Oct 18, 2016
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:P/I:N/A:N
RedHat/V2
RedHat/V3
Ubuntu

Lotus Domino server 5.0.9a and earlier allows remote attackers to bypass security restrictions and view Notes database files and possibly sensitive Notes template files (.ntf) via an HTTP request with a large number of + characters before the .nsf file extension, which are converted to spaces by Domino.

Affected Software

Name Vendor Start Version End Version
Lotus_domino Ibm 5.0.2 5.0.2
Lotus_domino Ibm 5.0.1 5.0.1
Lotus_domino Ibm 5.0.3 5.0.3
Lotus_domino Ibm 5.0.9 5.0.9
Lotus_domino Ibm 5.0.4 5.0.4
Lotus_domino Ibm 5.0.6 5.0.6
Lotus_domino Ibm 5.0 5.0
Lotus_domino Ibm 5.0.7 5.0.7
Lotus_domino Ibm 5.0.5 5.0.5
Lotus_domino Ibm 5.0.8 5.0.8
Lotus_domino Ibm 5.0.7a 5.0.7a
Lotus_domino_server Ibm * 5.0.9a

References