By creating a specially crafted url, the authentication mechanism of Domino database can be circumvented. These urls should look like: http://host.com/<databasename>.ntf<buff>.nsf/ in which <buff> has a certain length.
Upgrade to the latest version of Domino.
- BadBlue invalid null byte vulnerability
- F*EX (Frams's Fast File EXchange) Multiple XSS Vulnerabilities
- IBM WebSphere Application Server Multiple CSRF Vulnerabilities
- Apache Tomcat Multiple Security Bypass Vulnerabilities (Win)
- IBM WebSphere Application Server JSF Application Information Disclosure Vulnerability