CVE-2002-0408

Name of the Vulnerable Software and Affected Versions Lotus Domino server versions 5.0.9a and earlier

Description The issue allows remote attackers to determine the version number of the server via a request that generates an HTTP 500 error code. This occurs when the server is configured with the NoBanner setting, causing a hard-coded error message to leak the version.

Recommendations For versions 5.0.9a and earlier, consider removing or modifying the NoBanner setting to prevent version disclosure. As a temporary workaround, restrict access to the htcgibin.exe to minimize the risk of exploitation.