IBM Lotus Domino Server Crafted .nsf Request Traversal Arbitrary File Access
Medium Nessus Plugin ID 12248
SynopsisThe remote web server is susceptible to a directory traversal attack.
DescriptionUsing a specially crafted request URL containing '.nsf/..', the installed version of Lotus Domino on the remote host can be abused to reveal the contents of arbitrary files on the server.
SolutionUpgrade to version 5.0.6a or higher.