{"vuid":"VU#984555","idnumber":"984555","name":"Default installations of the Lotus Domino web server disclose system information via HTTP headers","keywords":["Lotus Domino Web Server","default installation","configuration information","HTTP headers","DominoNoBanner=1","banner"],"overview":"The default configuration of the Lotus Domino web server discloses system characteristics to anonymous remote users.","clean_desc":"The default configuration of the Lotus Domino web server discloses system information in the HTTP headers it returns to a web browser. If these headers are intercepted and viewed by a user browsing an affected Domino server, the headers will reveal the release version, build date, and operating system of the web server.","impact":"This vulnerability presents an information leak that allows an attacker to identify system characteristics.","resolution":"Apply a patch from your vendor Lotus has released a patch that addresses this vulnerability; for further information, please see the Systems Affected section of this document.","workarounds":"","sysaffected":"","thanks":"This vulnerability was reported to the Bugtraq mailing list on September 19, 2001.","author":"This document was written by Jeffrey P. Lanza.","public":["h","t","t","p",":","/","/","w","w","w",".","n","o","t","e","s",".","n","e","t","/","r","5","f","i","x","l","i","s","t",".","n","s","f","/","S","e","a","r","c","h","!","S","e","a","r","c","h","V","i","e","w","&","Q","u","e","r","y","=","A","W","H","N","4","A","8","Q","W","M"],"cveids":["CVE-2001-1018"],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2001-09-20T19:37:26Z","publicdate":"2000-06-14T00:00:00Z","datefirstpublished":"2001-09-20T22:53:33Z","dateupdated":"2002-01-10T23:48:36Z","revision":7,"vrda_d1_directreport":"","vrda_d1_population":"","vrda_d1_impact":"","cam_widelyknown":"15","cam_exploitation":"10","cam_internetinfrastructure":"0","cam_population":"5","cam_impact":"1","cam_easeofexploitation":"5","cam_attackeraccessrequired":"20","cam_scorecurrent":"0.234375","cam_scorecurrentwidelyknown":"0.28125","cam_scorecurrentwidelyknownexploited":"0.375","ipprotocol":"","cvss_accessvector":"","cvss_accesscomplexity":"","cvss_authentication":null,"cvss_confidentialityimpact":"","cvss_integrityimpact":"","cvss_availabilityimpact":"","cvss_exploitablity":null,"cvss_remediationlevel":"","cvss_reportconfidence":"","cvss_collateraldamagepotential":"","cvss_targetdistribution":"","cvss_securityrequirementscr":"","cvss_securityrequirementsir":"","cvss_securityrequirementsar":"","cvss_basescore":"","cvss_basevector":"","cvss_temporalscore":"","cvss_environmentalscore":"","cvss_environmentalvector":"","metric":0.234375,"vulnote":null}