18:59:39 Router: Updating values from Configuration document 18:59:38 Remote console command issued by Mat Newman/*/*: Set Config Log_MailRouting=40 18:59:19 Opened live remote console session for Mat Newman/*/* ** Live console connected to server yoda/iteam ** Results of above Changes are colour coded and shown below: If you increase the Session log level to the option introduced back with 8.5.1, you get all of the information about a server/users connection: Name, Client Version Number, IP address and access type (eg: C=native client), This works on all versions of Domino after 8.5.1 TIP: Doing this will get rid of the "Router: notes.ini setting for Log_Mailrouting being used (note - this option may now be configured in a Server Configuration document)" appearing in the server console.
It is possible to download the exploit at.
Technical details are unknown but a public exploit is available.Ī public exploit has been developed by MustLive in HTML/Javascript and been published immediately after the advisory. Successful exploitation requires user interaction by the victim. The successful exploitation requires a single authentication. The weakness was shared by MustLive as CSRF, XSS and Redirector vulnerabilities in IBM Lotus Notes Traveler as not defined mailinglist post (Full-Disclosure). An attacker might be able force legitimate users to initiate unwanted actions within the web application. As an impact it is known to affect confidentiality, integrity, and availability. The CWE definition for the vulnerability is CWE-352. The manipulation with an unknown input leads to a cross site request forgery vulnerability. This vulnerability affects an unknown function.
A high score indicates an elevated risk to be targeted for this vulnerability.Ī vulnerability has been found in IBM Lotus Notes Traveler 8.5.3 ( Groupware Software) and classified as problematic. The CTI Interest Score identifies the interest of attackers and the security community for this specific vulnerability in real-time. Our Cyber Threat Intelligence team is monitoring different web sites, mailing lists, exploit markets and social media networks.