[18503] in bugtraq
Lotus Domino 5.0.5 Web Server vulnerability WORK AROUNDS
daemon@ATHENA.MIT.EDU (Dyson, Thom)
Tue Jan 9 18:11:17 2001
MIME-Version: 1.0
Content-type: text/plain; charset=us-ascii
Message-ID: <OFE41C3BC3.15EA5EA6-ON882569CF.005C0218@sybex.com>
Date: Tue, 9 Jan 2001 08:49:54 -0800
Reply-To: TDyson@SYBEX.COM
From: "Dyson, Thom" <TDyson@SYBEX.COM>
To: BUGTRAQ@SECURITYFOCUS.COM
These came to me from the Notes Admin List.
-------Solution 1---------
I don't the original author of this fix, so I can't give proper credit.
Add a File Protection Document in your PAB/DD:
Path: /.box/../
Access Control: -Default- - No Access
Repeat this for .ns4 and .nsf (.ns3 and .ntf are not affected).
Once you do this, do "tell http restart" or bounce your server.
-------Solution 2---------
>Well, as Lotus haven't released a fix for the *confirmed* bug, we
>get a workaround. Adding the following line:
>
>map */../* /something.nsf
>
> at httpd.conf, seems to handle the bug. You should notice that
>EVERYTHING using ../ links will stop working too, including the bug !
>
> We tested this on NT4 sp6a and Domino 5.0.5, and we COULDN'T get
>the bug working after those lines were added.
>
> As we couldn't reproduce the bug on Linux Domino servers, and
>seems that nobody could, we don't think adding those lines on Linux
>httpd.conf servers is necessary.
>
> Sincerily,
> Rodolfo Stein (rstein@persogo.com.br)
> Solution Web ( http://www.solutionweb.com.br )
Solution one works. I have not tried solution 2.
Thom Dyson
Director of Information Services
Sybex, Inc.
