Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Lotus Domino 5.0.9a and earlier, even when configured with the 'DominoNoBanner=1' option, allows remote attackers to obtain potential sensitive information such as the version via a request for a non-existent .nsf database, which leaks the version in the HTTP banner.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Lotus Domino不存在NSF数据库标志信息泄露漏洞
Vulnerability Description
Lotus Domino服务器是一款基于WEB合作的应用程序架构,运行在Linux/Unix和Microsoft Windows操作系统平台下。 Lotus Domino在处理不存在NSF数据库请求时不正确,远程攻击者可以利用这个漏洞获得敏感标记信息。 当Lotus Domino服务器配置成'DominoNoBanner=1'(notes.ini)设置时,提交不存在的NSF数据库请求,可返回包含敏感信息的标记信息,利用这些信息可以获得Lotus Domino文件系统布局。
CVSS Information
N/A
Vulnerability Type
N/A