[18521] in bugtraq
Re: Lotus Domino: security hole the size of Texas,
daemon@ATHENA.MIT.EDU (paolo_armando@CEDATI.COM)
Wed Jan 10 13:28:20 2001
Message-Id: <20010110101517.5988.qmail@securityfocus.com>
Date: Wed, 10 Jan 2001 10:15:17 -0000
Reply-To: paolo_armando@CEDATI.COM
From: paolo_armando@CEDATI.COM
To: BUGTRAQ@SECURITYFOCUS.COM
>[snip]
> ANY AUTHORIZED USER OF LOTUS DOMINO
MAIL SYSTEM CAN GAIN UNAUTIORIZED
> ACCESS TO *ANY* MAILBOX IN THE SYSTEM BY
MODIFYING THE TRAFFIC BETWEEN HIS
> CLIENT AND DOMINO SERVER OR BY
MODIFYING CLIENT SOFTWARE ITSELF.
>[snip]
no, you are wrong. in the standard install everyone
can read public documents (not mail) in the mail user
db. for more info , go to :
http://www.notes.net/46dom.nsf/df537c4a2ff2611f852
5689c005c6bf2/db3e837e8e9970c8852569d00032a2
2d!OpenDocument
