VID 22262
Severity 30
Port 80, ...
Protocol TCP
Class WWW
Detailed Description The Lotus Domino web server is vulnerable to an information disclosure vulnerability that is triggered by accessing the default navigator ($defaultNav).
A Lotus Notes database designer can create a navigator that lets users browse a database's documents, and every database ships with a default navigator named $defaultNav. This default navigator exposes the list of views that are visible to the user. Because each database's default navigator can be reached by anonymous users, a remote attacker can request $defaultNav to gain access to a view they are not authorized to see and obtain sensitive information.
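To make the exposure described above visible on the defender's side, the following added example (not part of this advisory or of any IBM/Lotus tooling) scans web-server access log lines in Common Log Format for requests that reach a database's $defaultNav, decoding percent-encoding and ignoring case so that variants such as "%24DefaultNav" are caught as well. It assumes the Domino HTTP log is written in Common Log Format, that an authenticated user name appears in the third field and "-" means anonymous, and the sample log lines are constructed for illustration.

```python
import re
from urllib.parse import unquote

# Constructed sample access log lines in Common Log Format (not from a real server).
SAMPLE_LOG = """\
203.0.113.10 - - [12/Nov/2001:10:15:02 +0000] "GET /names.nsf/$defaultNav HTTP/1.0" 200 5120
203.0.113.10 - - [12/Nov/2001:10:15:09 +0000] "GET /help.nsf/%24DefaultNav?OpenNavigator HTTP/1.0" 200 4096
198.51.100.7 - jdoe [12/Nov/2001:10:16:33 +0000] "GET /names.nsf/People?OpenView HTTP/1.0" 200 8192
198.51.100.7 - - [12/Nov/2001:10:17:01 +0000] "GET /index.html HTTP/1.0" 200 1024
"""

# Common Log Format: client ident user [time] "method path protocol" status size
CLF_RE = re.compile(
    r'^(?P<client>\S+) \S+ (?P<user>\S+) \[(?P<time>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+)(?: \S+)?" (?P<status>\d{3}) (?P<size>\S+)'
)


def parse_clf(line):
    """Return the fields of one CLF line as a dict, or None if it does not parse."""
    m = CLF_RE.match(line)
    return m.groupdict() if m else None


def is_defaultnav_request(path):
    """True if the request path targets a database's $defaultNav navigator."""
    # Percent-decode and lower-case so "%24DefaultNav" and "$defaultnav" compare equal.
    decoded = unquote(path).lower()
    # Drop the query string (e.g. "?OpenNavigator"); only the path matters here.
    decoded = decoded.split('?', 1)[0]
    return '$defaultnav' in decoded


def find_defaultnav_access(log_text):
    """Return one record per request that hit $defaultNav, flagging anonymous and served ones."""
    hits = []
    for line in log_text.splitlines():
        rec = parse_clf(line)
        if rec is None:
            continue  # skip malformed lines rather than failing the whole scan
        if is_defaultnav_request(rec['path']):
            hits.append({
                'client': rec['client'],
                'user': rec['user'],
                'path': rec['path'],
                'status': rec['status'],
                # Assumption: "-" in the user field means the request was anonymous.
                'anonymous': rec['user'] == '-',
                # A 200 means the navigator (and its view list) was actually served.
                'served': rec['status'] == '200',
            })
    return hits


if __name__ == '__main__':
    for hit in find_defaultnav_access(SAMPLE_LOG):
        print(hit)
```

Anonymous hits with a 200 status are the ones that matter for this advisory: they show the view list was handed to an unauthenticated client, so those databases should be reviewed for the upgrade or redirect workaround described below.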

* References:
http://www.nextgenss.com/advisories/defaultnav.txt

* Platforms Affected:
Lotus Domino 5.0 ~ 5.0.7, 5.0.7a, 5.0.8
HP-UX Any version
IBM lftpd Any version
IBM OS/2 Any version
Solaris Any version
Linux Any version
Microsoft Windows Any version
Recommendation Upgrade to Domino 6 or later, or to R5.0.10 or later, from which '$DefaultNav' has been removed.

For more information, refer to the Lotus Customer Support Technote (1090452):
http://www-1.ibm.com/support/docview.wss?rs=463&q1=1090452&uid=swg21090452&loc=en_US&cs=utf-8

As a workaround, the default navigator can be globally restricted with URL redirection by performing the following steps. Note that IBM/Lotus does not recommend this workaround.

1) Open the Domino Administrator client and select the menu item "File->Open Server" to access the server to edit.
2) Click on the "Web" option on the left-hand side of the screen, and then under "Web", click on "Web Server Configuration".
3) Click on the "Edit Document" button at the top of the server document.
4) Click on the "Web" button at the top of the server document.
5) Choose the "Create URL Mapping/Redirection" option and click on the "Mapping" tab.
6) Save and close the document.
7) Fill in the URLs to redirect under the "Incoming URL string" field.
8) Fill in the URL to redirect to under the "Target server directory" field.
9) Click on the "Save and Close" button at the top of the server document.
Related URL CVE-2001-0847 (CVE)
Related URL 3488 (SecurityFocus)
Related URL 7423 (ISS)