VULHUB ™

Lotus Domino Server is an application framework for web based collaborative software. It runs on multiple platforms including Windows and Unix. Database files (.nsf) may be protected with a password under Domino. If a remote request for the file is submitted with a maliciously constructed filename of the correct length, the authentication process may be bypassed. There have been multiple reports that this is a known issue, and only allows the remote user to access template (.ntf) files. There have been reports that this issue is fixed in Domino 5.0.9.

Lotus Domino Server is an application framework for web based collaborative software. It runs on multiple platforms including Windows and Unix. Database files (.nsf) may be protected with a password under Domino. If a remote request for the file is submitted with a maliciously constructed filename of the correct length, the authentication process may be bypassed. There have been multiple reports that this is a known issue, and only allows the remote user to access template (.ntf) files. There have been reports that this issue is fixed in Domino 5.0.9.