QwikSec

Security Database

CVE

CWE

Training

CVE-2002-0245

Published: May 3, 2002

Modified: Aug 8, 2024

PUBLISHED

Description

Lotus Domino server 5.0.8 with NoBanner enabled allows remote attackers to (1) determine the physical path of the server via a request for a nonexistent file with a .pl (Perl) extension, which leaks the pathname in the error message, or (2) make any request that causes an HTTP 500 error, which leaks the server's version name in the HTTP error message.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

vdb-entry

x_refsource_BID

20020207 Re: KPMG-2002004: Lotus Domino Webserver DOS-device Denial of Service

mailing-list

x_refsource_BUGTRAQ

http://www-1.ibm.com/support/manager.wss?rs=1&rt=0&org=sims&doc=07B32060E4CC97E985256B64005AEB0F

x_refsource_CONFIRM

lotus-domino-reveal-information(8160)

vdb-entry

x_refsource_XF

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.