https://www.exploit-db.com/exploits/23836
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200412-188

LotusDomino服务器是一款基于WEB合作的应用程序架构，运行在Linux/Unix和MicrosoftWindows操作系统平台下。LotusDomino服务器的webadmin.nsf对用户提交请求缺少充分过滤，远程攻击者可以利用这个漏洞以服务程序权限查看系统上任意文件。服务程序可通过’webadmin.nsf’进行管理接口访问，不过由于对新文件名建立请求缺少充分过滤，攻击者可以利用目录遍历，使用多个’../’以WEB进程权限访问系统上的任意文件。

source: http://www.securityfocus.com/bid/9900/info

It has been reported that Lotus Domino may be prone to a directory traversal vulnerability that may allow a remote attacker to access information outside the server root directory. The issue reportedly exists in the server's administrative interface accessed via 'webadmin.nsf'. The vulnerability may be exploited by a remote attacker by traversing outside the server root directory by using '../' directory traversal character sequences. Successful exploitation of this vulnerability may allow a remote attacker to gain access to sensitive information and/or modify the underlying file system.

IBM Lotus Domino server 6.5.1 has been reported to be prone to this issue, however, it is possible that other versions are affected as well.

1)Go to http://www.example.com/webadmin.nsf
2)Go to "Files" tab
3)From the "Tools" menu select to create a "new" folder
4)As the name of the new folder enter "/../../../../../../pr00f"

or

"/../../../../windows/win.ini"

来源:XF
名称:lotus-webadmin-file-disclosure(15504)
链接:http://xforce.iss.net/xforce/xfdb/15504
来源:BID
名称:9900
链接:http://www.securityfocus.com/bid/9900
来源:SECUNIA
名称:11143
链接:http://secunia.com/advisories/11143
来源:members.lycos.co.uk
链接:http://members.lycos.co.uk/r34ct/main/ibm_lotus_domino/lotus.txt
来源：NSFOCUS
名称：6186
链接：http://www.nsfocus.net/vulndb/6186