We have a vulnerability on one Domino server. We have 4 Domino servers that were built and maintained the same but are only
getting the vulnerability on one of them. The problem is:
[low] [25/tcp/smtp] SMTP Service STARTTLS Plaintext Command Injection
Nessus sent the following two commands in a single packet : STARTTLS\r\nRSET\r\n And the server sent the following two responses : 220 Ready to start TLS 250 Reset state
Servers have been running for months without any problem. We are running Domino 9.0.1 FP2 with IF3. The problem showed up after we installed InterimFix 3.
Does anyone know how to fix this issue? Thanks.