Skip to main content
This forum is closed to new posts and responses. Individual names altered for privacy purposes. The information contained in this website is provided for informational purposes only and should not be construed as a forum for customer support requests. Any customer support requests should be directed to the official HCL customer support channels below:

HCL Software Customer Support Portal for U.S. Federal Government clients
HCL Software Customer Support Portal

Notes/Domino 8 Forum

Notes/Domino 8 Forum
Previous Next

What version of Domino are you running?

The bug referenced by your security compliance people was reported nearly 9 years ago in Domino 4.6. http://www.securityfocus.com/bid/881/info

If you are actually running a Domino 4.6 web server, then an upgrade would be the best approach.

If you are not running Domino 4.6, then perhaps the test result is erroneous, or perhaps you have some strange configuration that has caused this issue to recur. Personally, I would regard exposing the absolute path to the Domino program directory as only moderately severe -- not great, but you would need some other vulnerability to make use of the exploit.

Rupert Clayton
Chicago


Feedback response number WEBB7HGR38 created by ~Anita Asafreezenoopsi on 08/13/2008

Domino HTTP Server Internal Path Di... (~Lisa Fezwevitc... 13.Aug.08)
. . What version of Domino are you runn... (~Anita Asafreez... 13.Aug.08)
. . Interesting, I got the following fr... (~Anita Minaster... 14.Aug.08)
. . . . You have control over TRACE, TRACK ... (~Wendy Dwonugen... 20.Aug.08)
. . . . . . *Thanks, I found that and we passed... (~Anita Minaster... 20.Aug.08)




Printer-friendly

Search this forum

Member Tools


RSS Feeds

 RSS feedsRSS
All forum posts RSS
All main topics RSS