Lucene search
K

2697 matches found

securityvulns
securityvulns
added 2005/01/23 12:0 a.m.26 views

[Full-Disclosure] NOVL-2005-10096251 GroupWise WebAccess error handling modules (report)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 For Immediate Disclosure ============================== Summary ============================== Security Alert: NOVL-2005-10096251 Title: GroupWise WebAccess Error modules loading report Date: 21-January-2005 Revision: Original Product Name: GroupWise...

7AI score
Exploits0
NVD
NVD
added 2005/01/17 5:0 a.m.17 views

CVE-2005-0296

NOTE: this issue has been disputed by the vendor. The error module in Novell GroupWise WebAccess allows remote attackers who have not authenticated to read potentially sensitive information, such as the version, via an incorrect login and a modified 1 error or 2 modify parameter that returns...

5CVSS6.2AI score0.02623EPSS
Exploits0References7
securityvulns
securityvulns
added 2005/01/17 12:0 a.m.50 views

[Full-Disclosure] Novell GroupWise WebAccess error modules loading

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Dear ladies and gentlemen We have found a potential security vulnerability in the Novell GroupWise WebAccess error module handling. First of all it is possible to circumvent the login procedure. If a user connects to...

7.6AI score
Exploits0
Positive Technologies
Positive Technologies
added 2005/01/17 12:0 a.m.4 views

PT-2005-1374 · Novell · Novell Groupwise Webaccess

Name of the Vulnerable Software and Affected Versions: Novell GroupWise WebAccess affected versions not specified Description: The error module in Novell GroupWise WebAccess allows remote attackers who have not authenticated to read potentially sensitive information, such as the version, via an...

5CVSS6.8AI score0.02623EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2005/01/15 12:0 a.m.22 views

Novell GroupWise 6.5.3 WebAccess Multiple XSS

The remote host is running Novell GroupWise WebAccess, a commercial groupware package. The remote version of this software is affected by multiple cross-site scripting flaws due to a lack of sanitization of user-supplied data. Successful exploitation of this issue may allow an attacker to use the...

5.5AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2005/01/15 12:0 a.m.36 views

Novell GroupWise WebAccess WebAccessUninstall.ini Information Disclosure

The remote host is running Novell GroupWise WebAccess, a commercial groupware package. The remote version of this software has an information disclosure vulnerability. An attacker may request the file '/com/novell/webaccess/WebAccessUninstall.ini' and will obtain some information about the remote...

5.5AI score
Exploits0References1
securityvulns
securityvulns
added 2004/03/18 12:0 a.m.30 views

[NEWS] GroupWise WebAccess File Disclosure (GWAPACHE.CONF)

The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion The SecuriTeam alerts list - Free, Accurate, Independent. Get your security news from a reliable source...

7AI score
Exploits0
NVD
NVD
added 2003/12/31 5:0 a.m.19 views

CVE-2003-1551

Unspecified vulnerability in Novell GroupWise 6 SP3 WebAccess before Revision F has unknown impact and attack vectors related to "malicious script."...

10CVSS6.4AI score0.01583EPSS
Exploits0References5
CVE
CVE
added 2002/05/03 4:0 a.m.48 views

CVE-2001-1232

CVE-2001-1232 affects GroupWise WebAccess 5.5. The issue arises when directory indexing is enabled, allowing a remote attacker to view arbitrary directory contents via an HTTP request using a lowercase “get.” The vulnerability description—as shown in multiple sources (NVD, CVE List, CVE Record)—i...

5CVSS7.1AI score0.01908EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2002/05/03 4:0 a.m.56 views

CVE-2001-1233

Netware Enterprise Web Server 5.1 with GroupWise WebAccess 5.5 and NDS enabled is affected. The vulnerability allows remote attackers to enumerate usernames, group names and other system information by accessing ndsobj.nlm, due to exposure of directory information. CVSS v2.0 base score is 5.0 (AV...

5CVSS6.8AI score0.01627EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2002/05/03 4:0 a.m.22 views

CVE-2001-1232

GroupWise WebAccess 5.5 with directory indexing enabled allows a remote attacker to view arbitrary directory contents via an HTTP request with a lowercase "get"...

6.7AI score0.01908EPSS
Exploits1References3
Cvelist
Cvelist
added 2002/05/03 4:0 a.m.26 views

CVE-2001-1233

Netware Enterprise Web Server 5.1 running GroupWise WebAccess 5.5 with Novell Directory Services NDS enabled allows remote attackers to enumerate user names, group names and other system information by accessing ndsobj.nlm...

6.4AI score0.01627EPSS
Exploits1References2
securityvulns
securityvulns
added 2001/08/16 12:0 a.m.47 views

Groupwise Webaccess, NetWare web server, and Novell

No idea if this is what the Groupwise Padlock http://www.novell.com/padlock thing is about, since Novell is not only vague in the issues, but never acknowledged Adept's findings. - Simple Nomad - "No rest for the Wicca'd" - - [email protected] - - - [email protected] - www.nmrc.org...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2001/08/16 12:0 a.m.39 views

groupwise.disclosure.txt

No idea if this is what the Groupwise Padlock http://www.novell.com/padlock thing is about, since Novell is not only vague in the issues, but never acknowledged Adept's findings. - Simple Nomad - "No rest for the Wicca'd" - - [email protected] - - - [email protected] - www.nmrc.org...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2001/08/16 12:0 a.m.43 views

Проблеимы с NetWare Enterprise Web Server (information leak, directory reading)

При установленном GroupWise WebAccess возможно получение листинга каталога и списка системных объектов...

1AI score
Exploits0References1Affected Software2
NVD
NVD
added 2001/08/14 4:0 a.m.25 views

CVE-2001-1233

Netware Enterprise Web Server 5.1 running GroupWise WebAccess 5.5 with Novell Directory Services NDS enabled allows remote attackers to enumerate user names, group names and other system information by accessing ndsobj.nlm...

5CVSS6.4AI score0.01627EPSS
Exploits1References2
NVD
NVD
added 2001/08/14 4:0 a.m.23 views

CVE-2001-1232

GroupWise WebAccess 5.5 with directory indexing enabled allows a remote attacker to view arbitrary directory contents via an HTTP request with a lowercase "get"...

5CVSS6.7AI score0.01908EPSS
Exploits1References3
Rows per page
Query Builder