Vulnerabilities > CVE-2002-2191 - Information Disclosure vulnerability in Lotus Domino Non-existent NSF Database Banner
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
Lotus Domino 5.0.9a and earlier, even when configured with the 'DominoNoBanner=1' option, allows remote attackers to obtain potential sensitive information such as the version via a request for a non-existent .nsf database, which leaks the version in the HTTP banner. This issue is present on Lotus Domino Server with the 'DominoNoBanner' set to a value of '1'.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 3 |
Exploit-Db
| description | Lotus Domino 5.0.8-9 Non-existent NSF Database Banner Information Disclosure. CVE-2002-2191. Remote exploits for multiple platform |
| id | EDB-ID:21996 |
| last seen | 2016-02-02 |
| modified | 2002-11-07 |
| published | 2002-11-07 |
| reporter | Frank Perreault |
| source | https://www.exploit-db.com/download/21996/ |
| title | Lotus Domino 5.0.8-9 Non-existent NSF Database Banner Information Disclosure |