Domino Server
by Lotus
CVEs (13)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2001-0009 | 0.04 | — | 0.09 | Feb 12, 2001 | Directory traversal vulnerability in Lotus Domino 5.0.5 web server allows remote attackers to read arbitrary files via a .. attack. | |||
| CVE-2000-0452 | 0.04 | — | 0.08 | May 18, 2000 | Buffer overflow in the ESMTP service of Lotus Domino Server 5.0.1 allows remote attackers to cause a denial of service via a long MAIL FROM command. | |||
| CVE-2003-0178 | 0.01 | — | 0.15 | Apr 2, 2003 | Multiple buffer overflows in Lotus Domino Web Server before 6.0.1 allow remote attackers to cause a denial of service or execute arbitrary code via (1) the s_ViewName option in the PresetFields parameter for iNotes, (2) the Foldername option in the PresetFields parameter for… | |||
| CVE-2003-1408 | 0.00 | — | 0.01 | Dec 31, 2003 | Lotus Domino Server 5.0 and 6.0 allows remote attackers to read the source code for files via an HTTP request with a filename with a trailing dot. | |||
| CVE-2001-0847 | 0.00 | — | 0.02 | Dec 6, 2001 | Lotus Domino Web Server 5.x allows remote attackers to gain sensitive information by accessing the default navigator $defaultNav via (1) URL encoding the request, or (2) directly requesting the ReplicaID. | |||
| CVE-2000-1215 | 0.00 | — | 0.02 | Sep 19, 2001 | The default configuration of Lotus Domino server 5.0.8 includes system information (version, operating system, and build date) in the HTTP headers of replies, which allows remote attackers to obtain sensitive information. | |||
| CVE-2001-0260 | 0.00 | — | 0.04 | Jun 2, 2001 | Buffer overflow in Lotus Domino Mail Server 5.0.5 and earlier allows a remote attacker to crash the server or execute arbitrary code via a long "RCPT TO" command. | |||
| CVE-2001-0130 | 0.00 | — | 0.03 | Mar 12, 2001 | Buffer overflow in HTML parser of the Lotus R5 Domino Server before 5.06, and Domino Client before 5.05, allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a malformed font size specifier. | |||
| CVE-2001-1445 | 0.00 | — | 0.02 | Mar 1, 2001 | Unknown vulnerability in the SMTP server in Lotus Domino 5.0 through 5.7 allows remote attackers to bypass mail relaying restrictions via crafted e-mail addresses in "RCPT TO" commands. | |||
| CVE-2000-1047 | 0.00 | — | 0.04 | Dec 11, 2000 | Buffer overflow in SMTP service of Lotus Domino 5.0.4 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long ENVID keyword in the "MAIL FROM" command. | |||
| CVE-2000-0023 | 0.00 | — | 0.01 | Dec 21, 1999 | Buffer overflow in Lotus Domino HTTP server allows remote attackers to cause a denial of service via a long URL. | |||
| CVE-2000-0022 | 0.00 | — | 0.01 | Dec 21, 1999 | Lotus Domino HTTP server does not properly disable anonymous access for the cgi-bin directory. | |||
| CVE-2000-0021 | 0.00 | — | 0.01 | Dec 1, 1999 | Lotus Domino HTTP server allows remote attackers to determine the real path of the server via a request to a non-existent script in /cgi-bin. |
- CVE-2001-0009Feb 12, 2001risk 0.04cvss —epss 0.09
Directory traversal vulnerability in Lotus Domino 5.0.5 web server allows remote attackers to read arbitrary files via a .. attack.
- CVE-2000-0452May 18, 2000risk 0.04cvss —epss 0.08
Buffer overflow in the ESMTP service of Lotus Domino Server 5.0.1 allows remote attackers to cause a denial of service via a long MAIL FROM command.
- CVE-2003-0178Apr 2, 2003risk 0.01cvss —epss 0.15
Multiple buffer overflows in Lotus Domino Web Server before 6.0.1 allow remote attackers to cause a denial of service or execute arbitrary code via (1) the s_ViewName option in the PresetFields parameter for iNotes, (2) the Foldername option in the PresetFields parameter for…
- CVE-2003-1408Dec 31, 2003risk 0.00cvss —epss 0.01
Lotus Domino Server 5.0 and 6.0 allows remote attackers to read the source code for files via an HTTP request with a filename with a trailing dot.
- CVE-2001-0847Dec 6, 2001risk 0.00cvss —epss 0.02
Lotus Domino Web Server 5.x allows remote attackers to gain sensitive information by accessing the default navigator $defaultNav via (1) URL encoding the request, or (2) directly requesting the ReplicaID.
- CVE-2000-1215Sep 19, 2001risk 0.00cvss —epss 0.02
The default configuration of Lotus Domino server 5.0.8 includes system information (version, operating system, and build date) in the HTTP headers of replies, which allows remote attackers to obtain sensitive information.
- CVE-2001-0260Jun 2, 2001risk 0.00cvss —epss 0.04
Buffer overflow in Lotus Domino Mail Server 5.0.5 and earlier allows a remote attacker to crash the server or execute arbitrary code via a long "RCPT TO" command.
- CVE-2001-0130Mar 12, 2001risk 0.00cvss —epss 0.03
Buffer overflow in HTML parser of the Lotus R5 Domino Server before 5.06, and Domino Client before 5.05, allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a malformed font size specifier.
- CVE-2001-1445Mar 1, 2001risk 0.00cvss —epss 0.02
Unknown vulnerability in the SMTP server in Lotus Domino 5.0 through 5.7 allows remote attackers to bypass mail relaying restrictions via crafted e-mail addresses in "RCPT TO" commands.
- CVE-2000-1047Dec 11, 2000risk 0.00cvss —epss 0.04
Buffer overflow in SMTP service of Lotus Domino 5.0.4 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long ENVID keyword in the "MAIL FROM" command.
- CVE-2000-0023Dec 21, 1999risk 0.00cvss —epss 0.01
Buffer overflow in Lotus Domino HTTP server allows remote attackers to cause a denial of service via a long URL.
- CVE-2000-0022Dec 21, 1999risk 0.00cvss —epss 0.01
Lotus Domino HTTP server does not properly disable anonymous access for the cgi-bin directory.
- CVE-2000-0021Dec 1, 1999risk 0.00cvss —epss 0.01
Lotus Domino HTTP server allows remote attackers to determine the real path of the server via a request to a non-existent script in /cgi-bin.