Exploitation Summary
EIP tracks 1 public exploit for CVE-2002-2191. PoCs published by Frank Perreault.
AI-analyzed exploit summary The exploit describes an information disclosure vulnerability in Lotus Domino Server where requesting a non-existent NSF database reveals sensitive filesystem layout information. This occurs when 'DominoNoBanner' is set to '1', allowing remote attackers to gather reconnaissance data.
Description
Lotus Domino 5.0.9a and earlier, even when configured with the 'DominoNoBanner=1' option, allows remote attackers to obtain potential sensitive information such as the version via a request for a non-existent .nsf database, which leaks the version in the HTTP banner.
Exploits (1)
The exploit describes an information disclosure vulnerability in Lotus Domino Server where requesting a non-existent NSF database reveals sensitive filesystem layout information. This occurs when 'DominoNoBanner' is set to '1', allowing remote attackers to gather reconnaissance data.