VYPR
Unrated severityNVD Advisory· Published Jul 26, 2002· Updated Jun 16, 2026

CVE-2002-0408

CVE-2002-0408

Description

htcgibin.exe in Lotus Domino server 5.0.9a and earlier, when configured with the NoBanner setting, allows remote attackers to determine the version number of the server via a request that generates an HTTP 500 error code, which leaks the version in a hard-coded error message.

Affected products

2
  • Lotus/Domino2 versions
    cpe:2.3:a:lotus:domino:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:lotus:domino:*:*:*:*:*:*:*:*range: <=5.0.9a
    • (no CPE)range: <=5.0.9a

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.