By creating a specially crafted url, the authentication mechanism of Domino database can be circumvented. These urls should look like: http://host.com/<databasename>.ntf<buff>.nsf/ in which <buff> has a certain length.
Upgrade to the latest version of Domino.
- Apache 'mod_proxy_http' 2.2.9 for Unix Timeout Handling Information Disclosure Vulnerability
- IBM WebSphere Application Server JNDI information disclosure Vulnerability
- Ecava IntegraXor Directory Traversal Vulnerability
- CERN HTTPD access control bypass
- AOLServer Terminal Escape Sequence in Logs Command Injection Vulnerability