Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Domino < 5.0.7 NSF File Request Directory Traversal File Access

Medium

Synopsis

The remote Domino Web Server is vulnerable to a directory traversal attack.

Description

The remote Domino Web Server is vulnerable to a directory traversal attack. An attacker may read arbitrary files on the remote system by prepending %00%00.nsf/../ in front of their names.

Solution

Upgrade to Domino 5.0.7 or higher.