lotus software vulnerabilities
vulnerabilities.aspcode.net
Searching lotus software vulnerabilities
SMTP component of Lotus Domino 4.6.1 on AS/400,
component
|
Domino
|
Lotus
|
SMTP
|
SMTP component of Lotus Domino 4.6.1 on AS/400, and possibly other operating systems, allows a remote attacker to crash the mail server via a long string.
Lotus cc:Mail release 8 stores the postoffice p
Lotus
|
Lotus cc:Mail release 8 stores the postoffice password in plaintext in a hidden file which has insecure permissions, which allows local users to gain privileges.
Lotus Domino HTTP server allows remote attacker
non-existent
|
attackers
|
determine
|
/cgi-bin
|
request
|
Domino
|
script
|
allows
|
remote
|
server
|
Lotus
|
real
|
HTTP
|
path
|
via
|
Lotus Domino HTTP server allows remote attackers to determine the real path of the server via a request to a non-existent script in /cgi-bin.
The Extended Control List (ECL) feature of the
Extended
|
Control
|
List
|
The Extended Control List (ECL) feature of the Java Virtual Machine (JVM) in Lotus Notes Client R5 allows malicious web site operators to determine the existence of files on the client by measuring delays in the execution of the getSystemResource method.
Lotus Notes R5 client R5.0.5 and earlier does n
attacker
|
modified
|
properly
|
detected
|
message
|
transit
|
without
|
earlier
|
modify
|
client
|
S/MIME
|
could
|
allow
|
Lotus
|
being
|
Notes
|
which
|
users
|
email
|
does
|
warn
|
been
|
R505
|
not
|
has
|
Lotus Notes R5 client R5.0.5 and earlier does not properly warn users when an S/MIME email message has been modified, which could allow an attacker to modify the email in transit without being detected.
The default configuration of Lotus Domino serve
configuration
|
default
|
Domino
|
server
|
Lotus
|
The default configuration of Lotus Domino server 5.0.8 includes system information (version, operating system, and build date) in the HTTP headers of replies, which allows remote attackers to obtain sensitive information.
Lotus Domino R5 prior to 5.0.7 allows a remote
Domino
|
prior
|
Lotus
|
Lotus Domino R5 prior to 5.0.7 allows a remote attacker to create a denial of service via HTTP requests containing certain combinations of UNICODE characters.
Lotus Domino R5 prior to 5.0.7 allows a remote
Domino
|
prior
|
Lotus
|
Lotus Domino R5 prior to 5.0.7 allows a remote attacker to create a denial of service via repeated (>400) URL requests for DOS devices.
Lotus Domino R5 prior to 5.0.7 allows a remote
Domino
|
prior
|
Lotus
|
Lotus Domino R5 prior to 5.0.7 allows a remote attacker to create a denial of service via repeatedly sending large (> 10Kb) amounts of data to the DIIOP - CORBA service on TCP port 63148.
Lotus Domino R5 prior to 5.0.7 allows a remote
Domino
|
prior
|
Lotus
|
Lotus Domino R5 prior to 5.0.7 allows a remote attacker to create a denial of service via URL requests (>8Kb) containing a large number of '/' characters.
Lotus Domino Web Server 5.x allows remote attac
$defaultNav
|
information
|
navigator
|
attackers
|
sensitive
|
accessing
|
default
|
Server
|
Domino
|
remote
|
allows
|
Lotus
|
gain
|
via
|
Web
|
Lotus Domino Web Server 5.x allows remote attackers to gain sensitive information by accessing the default navigator $defaultNav via (1) URL encoding the request, or (2) directly requesting the ReplicaID.
Lotus Domino web server 5.08 allows remote atta
server
|
Domino
|
Lotus
|
web
|
Lotus Domino web server 5.08 allows remote attackers to determine the internal IP address of the server when NAT is enabled via a GET request that contains a long sequence of / (slash) characters.
Buffer overflows in Lotus Domino R5 before R5.0
overflows
|
attackers
|
service
|
denial
|
remote
|
Domino
|
Buffer
|
before
|
cause
|
Lotus
|
R507a
|
allow
|
Buffer overflows in Lotus Domino R5 before R5.0.7a allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, as demonstrated by the PROTOS LDAPv3 test suite.
Format string vulnerabilities in Lotus Domino R
vulnerabilities
|
attackers
|
service
|
denial
|
remote
|
before
|
string
|
Format
|
Domino
|
cause
|
Lotus
|
R507a
|
allow
|
Format string vulnerabilities in Lotus Domino R5 before R5.0.7a allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, as demonstrated by the PROTOS LDAPv3 test suite.
Lotus Domino R5 before R5.0.7a allows remote at
attackers
|
service
|
remote
|
denial
|
allows
|
Domino
|
before
|
Lotus
|
R507a
|
cause
|
Lotus Domino R5 before R5.0.7a allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via miscellaneous packets with semi-valid BER encodings, as demonstrated by the PROTOS LDAPv3 test suite.
Unknown vulnerability in the SMTP server in Lot
vulnerability
|
restrictions
|
attackers
|
addresses
|
relaying
|
commands
|
Unknown
|
crafted
|
through
|
e-mail
|
bypass
|
Domino
|
server
|
allows
|
remote
|
"RCPT
|
Lotus
|
SMTP
|
mail
|
via
|
TO"
|
Unknown vulnerability in the SMTP server in Lotus Domino 5.0 through 5.7 allows remote attackers to bypass mail relaying restrictions via crafted e-mail addresses in "RCPT TO" commands.
bindsock in Lotus Domino 5.07 on Solaris allows
bindsock
|
Domino
|
Lotus
|
bindsock in Lotus Domino 5.07 on Solaris allows local users to create arbitrary files via a symlink attack on temporary files.
Lotus Domino 6.5.0 and 6.5.1, with IMAP enabled
Domino
|
Lotus
|
Lotus Domino 6.5.0 and 6.5.1, with IMAP enabled, allows remote authenticated users to change their quota by using the IMAP setquota command.
Directory traversal vulnerability in webadmin.n
vulnerability
|
webadminnsf
|
traversal
|
Directory
|
Domino
|
Lotus
|
Directory traversal vulnerability in webadmin.nsf for Lotus Domino R6 6.5.1 allows attackers to create and detect directories via a .. (dot dot) in the directory creation command.
IBM Lotus Domino Server 7.0 allows remote attac
attackers
|
service
|
remote
|
denial
|
allows
|
Domino
|
Server
|
Lotus
|
cause
|
IBM
|
IBM Lotus Domino Server 7.0 allows remote attackers to cause a denial of service (segmentation fault) via a crafted packet to the LDAP port (389/TCP).
Software vulnerabilities results 1 to 20 of 90
Page:
1
2
3
4
5
►