OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: TAKAGI, Hiromitsu (takagietl.go.jp)
Date: Mon Jul 02 2001 - 06:38:06 CDT

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    Lotus Domino Server Cross-Site Scripting Vulnerability
    ======================================================

    Affected products:
    =================
      Lotus Domino Server 5.0.6
      <http://www.lotus.com/home.nsf/welcome/domino/>

    Vendor status:
    =============
      Notified:
        18 Mar 2001 09:59:51 +0900 (105 days before), securitylotus.com
      Response:
        20 Mar 2001 13:36:29 -0500
    > Dear Hiromitsu Tagaki,
    > I would like to thank you for bringing this issue to our attention. Lotus
    > takes all reports of this nature very seriously and we will investigate
    > immediately.
    > For future reference, may I ask that you contact us at
    > security-alertlotus.com?
        ...
    > Senior Product Manager, Notes and Domino Security
    > Lotus Development Corporation
      Fix:
        Unknown
      Announcement:
        Unknown
        http://www.lotus.com/developers/itcentral.nsf/wSecurity?OpenView

    Problem:
    =======
      Accessing the following URL, the JavaScript code will be executed
      in the browser on the server's domain.

      http://www.lotus.com/home.nsf/)>

      This page produces output like this:
      =================================================
      Error 404
      HTTP Web Server: Couldn't find design note - ******

      ----------------------------------------------------------------------------
      Lotus-Domino Release 5.0.6a
      =================================================
      ******: The JavaScript code is executed here.

      This vulnerability is quite similar to "IIS cross-site scripting
      vulnerabilities (MS00-060)" reported by Microsoft on August 25, 2000.
      <    http://www.microsoft.com/technet/security/bulletin/ms00-060.asp>

    Impact:
    ======
      For the detail about cross-site scripting, see the following pages.
      <http://www.cert.org/advisories/CA-2000-02.html>
      <http://www.microsoft.com/TechNet/security/crssite.asp>

    Workaround:
    ==========
      Customize error pages. 

    --
Hiromitsu Takagi, Ph.D.
National Institute of Advanced Industrial Science and Technology,
Tsukuba Central 2, 1-1-1, Umezono, Tsukuba, Ibaraki 305-8568, Japan
http://www.etl.go.jp/~takagi/