• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Lotus Domino File Disclosure Vulnerability

Lotus Domino is an application server developed by IBM. One of it's features is that it allows for remote user interaction with a Lotus Notes database via a web-based interface.

By specifying it's Replica ID, an attacker can successfully request the Web Administrator template. Access to this template file may allow for an attacker to view the contents of arbitrary webserver-readable files on the filesystem.