domino vulnerability found

Thu, 16 Mar 2006 15:05:26 -0800 

Hello,

I'm doing a VA for a server that seems to be running Lotus Domino
email server. Nessus reports following:

The following CGI have been discovered :

Syntax : cginame (arguments [default value])

names.nsf (RedirectTo [/MailJump.nsf] Username [] Login [] %%ModDate
[0000000000000000] Password [] )
/domcfg.nsf/cssLogin (ReadForm[])
/domcfg.nsf/a5f213b09e138b72052566b20068aa38/$Body/0.39E
(FieldElemFormat [gif] OpenElement [] )
/domcfg.nsf/a5f213b09e138b72052566b20068aa38/$Body/0.15E2
(FieldElemFormat [jpg] OpenElement [] )

I am not able to make out anything from this information given by
nessus. I only tried "null" username/password combination on the
discovered cgi's.

Can someone please elaborate more on this vulnerability.

Thank you.
_______________________________________________
Nessus mailing list
[email protected]
http://mail.nessus.org/mailman/listinfo/nessus

Reply via email to