Lotus Notes Password Hieroglyphics Information Disclosure

Medium Nessus Network Monitor Plugin ID 1305

Synopsis

The remote host may give an attacker information useful for future attacks.

Description

The remote host is running a Lotus Notes 4.6 or 5.x email client. The login dialogue box used by these version of Notes includes a number of security features, including a set of four hieroglyphic characters. The goal of these characters is to increase the difficulty in spoofing the login dialog. An attacker with knowledge of the expected hieroglyphic sequence for a given login may use this dialogue to perform a brute force attack. This will eliminate a number of incorrect passwords, reducing the search space by approximately a factor of two. A conventional brute force attack against the remaining possibilities will then be required.

Solution

Contact vendor for an upgrade/patch.

Plugin Details

Severity: Medium

ID: 1305

File Name: 1305.prm

Family: SMTP Clients

Published: 2004/08/20

Modified: 2016/01/21

Dependencies: 1334

Risk Information

Risk Factor: Medium

CVSSv2

Base Score: 4.3

Temporal Score: 4.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N

Temporal Vector: CVSS2#E:H/RL:U/RC:ND

CVSSv3

Base Score: 5.3

Temporal Score: 5.3

Vector: CVSS3#AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

Temporal Vector: CVSS3#E:H/RL:U/RC:X

Reference Information

BID: 4324