Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Pen-Test
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Vulnerability discovered on Lotus Domino server "admin4.nsf"

from [3 shool] Network Security [Permanent Link]
Subject: Vulnerability discovered on Lotus Domino server "admin4.nsf"
Date: Tue, 7 Mar 2006 02:14:30 +0530 
Hi,

I'm doing an external blackbox PT on a mail server running Lotus
Domino. The server OS is Windows 2000 and web server is Lotus Domino.
It has following ports open:

80 - Lotus Domino httpd
443 - Lotus Domino httpd
1352 - Lotus Domino server
5631 - PCAnywhere

During a manual assessment I discovered "admin4.nsf" on server,
accessible without any sort of authentication.  It is suppose to be
the Administrator Request Database. From the name I suppose this
should be something that shouldn't be visible to everyone. I don't
have any experience in Lotus Domino. I read a couple of docs on
Internet but couldn't get the real implication of such a
vulnerability. I'm a little hesitant to perform any actions with the
interface as it might disrupt some activities on the server and client
might not like it.

Is there anybody on the list who could guide me on the implication of
this vulnerability and how to get a proper sense of it. What are the
functionalities of 'admin4.nsf' and what damage could it do if an
un-authenticated user has access to it.

Looking forward to some enlightenment on this topic.

Now I'm going to downlaod a Lotus client and see what I can do with
the other open port "1352", looks like another hole from where I can
find my way in.

Thank you.

------------------------------------------------------------------------------
This List Sponsored by: Cenzic

Concerned about Web Application Security? 
As attacks through web applications continue to rise, you need to proactively 
protect your applications from hackers. Cenzic has the most comprehensive 
solutions to meet your application security penetration testing and 
vulnerability management needs. You have an option to go with a managed 
service (Cenzic ClickToSecure) or an enterprise software (Cenzic Hailstorm). 
Download FREE whitepaper on how a managed service can help you: 
http://www.cenzic.com/news_events/wpappsec.php 
And, now for a limited time we can do a FREE audit for you to confirm your 
results from other product. Contact us at request@cenzic.com
------------------------------------------------------------------------------
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Sql-Injection and XSS on ASP.Net Internal Application, André Gil
Next by Date:  Re: Cognos Default Username and password, pagvac
Previous by Thread:  Cognos Default Username and password, 3 shool
Next by Thread:  RE: Vulnerability discovered on Lotus Domino server "admin4.nsf", Enrique A. Sanchez Montellano
Indexes:  [Date] [Thread] [Top] [All Lists]