In the last week, in the list of Bugtraq's Internet mail, "Traversal" defects ", which is confirmed that this is indeed a problem, and R5.06A is fixing. The client running the HTTP server task on the Domino server should be upgraded immediately after the R5.06A is completed. At the same time, the following is a simple response method. Q & A Q: "What is the essence of" TRATAL "defects? A: Given the known path and file name, you can access the files on the Domino server running the HTTP task. This is limited by the file system (or drive) of the Domino server. You can't browse the file system, but if you can guess the current file name, you can access it. Q: What Domino version affects? A: R5.0 - R5.06 does not affect R4X Q: How do I track this problem? A: Software problem report (SPR) number is KSPR4SPQ5S. After the problem is fixed, it will be included in the fix list (fix list) database on Notes.Net ----www.notes.net/r5fixlist.nsf Q: How does the Lotus plan solves this problem? A: Lotus attaches great importance to this problem, and the repair version is being tested. The repair plan is made in R5.06A, and once the repair version is completed, it will be put on http://www.notes.net. Q: Is there a way to respond? A: There is. Before the R5.06A is completed, it is recommended to use the following should be used:
1. Open Administration Client 2. Select the server you want to configure 3. In the Server section of the Configuration tab, select the current server document Click the "Web" button to select "Create a URL Mapping / Relocation Document" 4. URL relocation documentation In the "Basic" tab Select URLà relocation URL URL: * .. * Replay URL: * .. * Relocated URL: [Specifies the URL you want users to relocate, such as http: // Hostname / homepage.nsf http: //hostname/Message.html] Note: The specified URL must be an external relocation without being internal relocation. Therefore, http: //myserver/Message.html is effective, and /essage.html is invalid. 5. Save Document 6. Relift from HTTP Tasks
