Lotus Domino Internal IP address Disclosure Vulnerability

A vulnerability has been discovered in Lotus Domino server that may result in the disclosure of the server's internal address.

If a specially formed GET request, a path segment comprised of numerous '/' characters, is submitted to a target Domino server. Lotus Domino will reveal the internal IP address of the server.

Further technical details are forthcoming.


 

Privacy Statement
Copyright 2010, SecurityFocus