• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Trend Micro ScanMail for Domino Remote File Disclosure Vulnerability

ScanMail for Domino is reported prone to a vulnerability that may allow sensitive configuration files to be disclosed to remote attackers.

A successful attack may allow an attacker to disclose sensitive information and allow the attacker to disable antivirus protection on a gateway allowing potentially malicious email messages to reach internal users. It is conjectured that as malicious emails are delivered to client mail applications that are seemingly protected by the gateway application, a user may be inclined to open the message due to a false sense of security. This issue may result in a malicious code infection.

All versions of ScanMail for Domino are considered to be vulnerable at the moment.