This isn't a proof of concept, but more a probe for misconfigured database
ACL's.
If a Domino web server doesn't have a redirection URL for /mail/* mail
files, then you rely on the access control for each mail file.
Two things can be done to avoid this :
1 - Change the ACL on sensitive databases ( /mail/* , names.nsf ) to :
Anonymous - No access
[Default] - No access
2 - Within the Server Document for each server, ensure that "Allow HTTP
clients to browse databases:" is set to "No"
I believe that all versions of Domino server from 4.5 upwards are
suceptible to badly configured ACL's. Any good administrator would have a
hold of this already.
#!/usr/local/bin/php -q
<?
<snip>
</snip>
fclose ($fd);
?>
