Lotus Domino 5.0.9a and previous versions, even when configured with the 'DominoNoBanner=1' option, allows remote malicious users to obtain potential sensitive information such as the version via a request for a non-existent .nsf database, which leaks the version in the HTTP banner.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
lotus domino 5.0.8 |
||
lotus domino 5.0.9 |
||
lotus domino 5.0.9a |