CVE-2005-2428
First published: Wed Aug 03 2005(Updated: )
Lotus Domino R5 and R6 WebMail, with "Generate HTML for all fields" enabled, stores sensitive data from names.nsf in hidden form fields, which allows remote attackers to read the HTML source to obtain sensitive information such as (1) the password hash in the HTTPPassword field, (2) the password change date in the HTTPPasswordChangeDate field, (3) the client platform in the ClntPltfrm field, (4) the client machine name in the ClntMachine field, and (5) the client Lotus Domino release in the ClntBld field, a different vulnerability than CVE-2005-2696.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IBM Lotus Domino R5 | =6.0 | |
| IBM Lotus Domino R5 | =6.5 | |
| IBM Lotus Domino R5 | =5.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.cybsec.com/vuln/default_configuration_information_disclosure_lotus_domino.pdf
- http://www-1.ibm.com/support/docview.wss?uid=swg21212934
- http://secunia.com/advisories/16231/
- http://www.securiteam.com/securitynews/5FP0E15GLQ.html
- http://www.securityfocus.com/bid/14389
- http://www.osvdb.org/18462
- http://securitytracker.com/id?1014584
- http://marc.info/?l=bugtraq&m=112240869130356&w=2
- https://exchange.xforce.ibmcloud.com/vulnerabilities/21556
- https://www.exploit-db.com/exploits/39495/
Frequently Asked Questions
What is the severity of CVE-2005-2428?
CVE-2005-2428 is considered a medium severity vulnerability due to the potential exposure of sensitive information.
How do I fix CVE-2005-2428?
Fix CVE-2005-2428 by disabling the 'Generate HTML for all fields' option in Lotus Domino WebMail configuration.
What type of data is exposed through CVE-2005-2428?
CVE-2005-2428 exposes sensitive information such as password hashes stored in hidden form fields.
Which versions of Lotus Domino are affected by CVE-2005-2428?
CVE-2005-2428 affects Lotus Domino versions 5.0, 6.0, and 6.5.
Who can exploit CVE-2005-2428?
Remote attackers can exploit CVE-2005-2428 if they can access the HTML source of the affected WebMail application.
- agent/references
- agent/type
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/last-modified-date
- agent/author
- agent/severity
- agent/event
- agent/description
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-historical
- vendor/ibm
- canonical/ibm lotus domino
- version/ibm lotus domino/5.0
- version/ibm lotus domino/6.0
- version/ibm lotus domino/6.5