Lotus : Security Vulnerabilities, CVEs, Published In 2001
Unknown vulnerability in the SMTP server in Lotus Domino 5.0 through 5.7 allows remote attackers to bypass mail relaying restrictions via crafted e-mail addresses in "RCPT TO" commands.
Max CVSS
7.5
EPSS Score
0.70%
Published
2001-03-01
Updated
2017-07-11
Cross-site scripting (CSS) vulnerability in Lotus Domino 5.0.6 allows remote attackers to execute script on other web clients via a URL that ends in Javascript, which generates an error message that does not quote the resulting script.
Max CVSS
7.5
EPSS Score
4.10%
Published
2001-07-02
Updated
2008-09-05
Lotus Domino web server 5.08 allows remote attackers to determine the internal IP address of the server when NAT is enabled via a GET request that contains a long sequence of / (slash) characters.
Max CVSS
5.0
EPSS Score
0.51%
Published
2001-09-20
Updated
2017-12-19
Lotus Domino 5.0.5 and 5.0.8, and possibly other versions, allows remote attackers to cause a denial of service (block access to databases that have not been previously accessed) via a URL that includes the . (dot) directory.
Max CVSS
5.0
EPSS Score
1.52%
Published
2001-12-07
Updated
2017-10-10
Lotus Domino 5.08 and earlier allows remote attackers to cause a denial of service (crash) via a SunRPC NULL command to port 443.
Max CVSS
5.0
EPSS Score
1.20%
Published
2001-11-30
Updated
2017-10-10
Lotus Domino Web Server 5.x allows remote attackers to gain sensitive information by accessing the default navigator $defaultNav via (1) URL encoding the request, or (2) directly requesting the ReplicaID.
Max CVSS
7.5
EPSS Score
1.22%
Published
2001-12-06
Updated
2017-12-19
Lotus Domino 5.x allows remote attackers to read files or execute arbitrary code by requesting the ReplicaID of the Web Administrator template file (webadmin.ntf).
Max CVSS
10.0
EPSS Score
2.83%
Published
2001-12-06
Updated
2017-10-10
Lotus Domino R5 prior to 5.0.7 allows a remote attacker to create a denial of service via URL requests (>8Kb) containing a large number of '/' characters.
Max CVSS
5.0
EPSS Score
0.28%
Published
2001-08-02
Updated
2017-12-19
Lotus Domino R5 prior to 5.0.7 allows a remote attacker to create a denial of service via repeatedly sending large (> 10Kb) amounts of data to the DIIOP - CORBA service on TCP port 63148.
Max CVSS
5.0
EPSS Score
0.28%
Published
2001-08-02
Updated
2017-12-19
Lotus Domino R5 prior to 5.0.7 allows a remote attacker to create a denial of service via repeated (>400) URL requests for DOS devices.
Max CVSS
5.0
EPSS Score
0.28%
Published
2001-08-02
Updated
2017-12-19
Lotus Domino R5 prior to 5.0.7 allows a remote attacker to create a denial of service via HTTP requests containing certain combinations of UNICODE characters.
Max CVSS
5.0
EPSS Score
0.32%
Published
2001-08-02
Updated
2017-12-19
Lotus Domino R5 prior to 5.0.7 allows a remote attacker to create a denial of service via repeated URL requests with the same HTTP headers, such as (1) Accept, (2) Accept-Charset, (3) Accept-Encoding, (4) Accept-Language, and (5) Content-Type.
Max CVSS
5.0
EPSS Score
0.28%
Published
2001-08-02
Updated
2017-12-19
Buffer overflow in Lotus Domino Mail Server 5.0.5 and earlier allows a remote attacker to crash the server or execute arbitrary code via a long "RCPT TO" command.
Max CVSS
7.5
EPSS Score
2.75%
Published
2001-06-02
Updated
2017-10-10
Buffer overflow in HTML parser of the Lotus R5 Domino Server before 5.06, and Domino Client before 5.05, allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a malformed font size specifier.
Max CVSS
10.0
EPSS Score
0.55%
Published
2001-03-12
Updated
2017-10-10
Directory traversal vulnerability in Lotus Domino 5.0.5 web server allows remote attackers to read arbitrary files via a .. attack.
Max CVSS
5.0
EPSS Score
1.06%
Published
2001-02-12
Updated
2017-10-10
Lotus Domino SMTP server 4.63 through 5.08 allows remote attackers to cause a denial of service (CPU consumption) by forging an email message with the sender as bounce@[127.0.0.1] (localhost), which causes Domino to enter a mail loop.
Max CVSS
5.0
EPSS Score
1.44%
Published
2001-08-20
Updated
2017-10-10
16 vulnerabilities found