Rapid7 Vulnerability & Exploit Database

Lotus Notes/Domino Anonymous Access to Web Administration Template


Severity: 8
CVSS: (AV:N/AC:L/Au:N/C:C/I:N/A:N)
Published: 11/01/2004
Created: 07/25/2018
Added: 11/01/2004
Modified: 03/21/2018

Description

By requesting the Web Administrator database template by its Replica ID instead of by file name, an attacker can retrieve it from a Domino HTTP server without authenticating. Access to this template discloses information about the server, including the fully qualified Notes server name and domain, the underlying operating system, and the exact version of Notes in use.

Using variants of the specially crafted URL, an attacker can read arbitrary files on the server (including the server.id file and /etc/passwd) and can list all of the Notes databases on the server. This is a very severe vulnerability: it can lead to the compromise of the server machine and, through the stolen server ID, of every Domino server in the domain.
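The following check, added here and not part of the Rapid7 entry or of any IBM/Lotus tooling, requests a database by Replica ID with no credentials and classifies the response. Domino resolves a URL of the form /__<ReplicaID>.nsf to whichever database carries that Replica ID, wherever it sits in the data directory, and ?OpenDatabase is the standard Domino URL command to open it. The page does not state the template's Replica ID, so the value is passed in as an argument (the one in the usage line is a placeholder); the hostname is likewise a placeholder, and the login-form heuristic is an assumption about Domino's session-authentication page.

```python
"""Check whether a Domino HTTP server serves a database to an anonymous
client when it is addressed by Replica ID rather than by file name.

Added example, not code from Rapid7 or from IBM/Lotus.  The Replica ID of
the Web Administrator template is not given on the page: read it from the
template's Database Properties on a reference server and pass it in.
"""
import re
import urllib.error
import urllib.request

# A Replica ID is 16 hex digits; Notes displays it as 852563A0:0055D5B7.
REPLICA_ID_RE = re.compile(r"^[0-9A-Fa-f]{16}$")


def replica_url(base_url, replica_id, command="OpenDatabase"):
    """Build the URL that addresses a database by Replica ID.

    Because Domino looks the database up by ID, a block that matches only
    the file name or directory does not stop this request; only the ACL
    of the database itself does.
    """
    rid = replica_id.replace(":", "")
    if not REPLICA_ID_RE.match(rid):
        raise ValueError("Replica ID must be 16 hex digits")
    return f"{base_url.rstrip('/')}/__{rid.upper()}.nsf?{command}"


def classify(status, body=b""):
    """Turn an unauthenticated response into a finding string."""
    if status == 200:
        # Assumption: a server using session authentication answers with a
        # 200 login page whose form has a "Password" field.  Treat that as
        # authentication being required, not as anonymous access.
        if b'name="Password"' in body:
            return "OK: login form returned"
        return "VULNERABLE: anonymous access granted"
    if status in (401, 403):
        return "OK: authentication required"
    if status == 404:
        return "NOT PRESENT: no database with this Replica ID"
    return f"UNKNOWN: HTTP {status}"


def _http_get(url):
    """Plain GET with no credentials; HTTP errors come back as a status."""
    req = urllib.request.Request(url, headers={"User-Agent": "domino-replica-check"})
    try:
        with urllib.request.urlopen(req, timeout=10) as resp:
            return resp.status, resp.read(4096)
    except urllib.error.HTTPError as err:
        return err.code, err.read(4096)


def check(base_url, replica_id, fetch=_http_get):
    """Request the template anonymously; return (url, finding).

    `fetch(url)` must return (status, body) so the check can be run
    offline against canned responses.
    """
    url = replica_url(base_url, replica_id)
    status, body = fetch(url)
    return url, classify(status, body)


if __name__ == "__main__":
    # Placeholder host and Replica ID; substitute the real values.
    print(check("http://domino.example.com", "852563A0:0055D5B7"))
```

Run the check again after the ACL has been tightened; the finding should change from "VULNERABLE" to "OK: authentication required" (or to the login form if session authentication is enabled), and the same request should be tried over HTTPS if the server listens there too.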

Solution(s)

  • disable-anonymous-default-notes-acl

Set the Anonymous and -Default- entries in the ACL of the Web Administrator template, and of any other template that should not be served to unauthenticated users, to No Access. Because Domino resolves a request for __<ReplicaID>.nsf to the database regardless of its file name or directory, restrictions on the URL or file name alone do not close this hole; after changing the ACL, re-request the template anonymously to confirm the server now demands authentication.
