Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-0408

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2002-0408
Last Modified 10 Sep 2008 03:11:56
Published 26 Jul 2002 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2002-0408

Summary

htcgibin.exe in Lotus Domino server 5.0.9a and earlier, when configured with the NoBanner setting, allows remote attackers to determine the version number of the server via a request that generates an HTTP 500 error code, which leaks the version in a hard-coded error message.

Vulnerable Systems

Application

  • Lotus Domino 5.0.9a


References

BID - 4049

BUGTRAQ - 20020303 Re: KPMG-2002006: Lotus Domino Physical Path Revealed

BUGTRAQ - 20020207 Re: KPMG-2002004: Lotus Domino Webserver DOS-device Denial of Service


Last Updated: 27 May 2016 10:36:54