Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-0408


Vulnerability Score 5.0 5.0
CVE Id CVE-2002-0408
Last Modified 10 Sep 2008 03:11:56
Published 26 Jul 2002 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



htcgibin.exe in Lotus Domino server 5.0.9a and earlier, when configured with the NoBanner setting, allows remote attackers to determine the version number of the server via a request that generates an HTTP 500 error code, which leaks the version in a hard-coded error message.

Vulnerable Systems


  • Lotus Domino 5.0.9a


BID - 4049

BUGTRAQ - 20020303 Re: KPMG-2002006: Lotus Domino Physical Path Revealed

BUGTRAQ - 20020207 Re: KPMG-2002004: Lotus Domino Webserver DOS-device Denial of Service

Last Updated: 27 May 2016 10:36:54