2697 matches found
[Full-Disclosure] NOVL-2005-10096251 GroupWise WebAccess error handling modules (report)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 For Immediate Disclosure ============================== Summary ============================== Security Alert: NOVL-2005-10096251 Title: GroupWise WebAccess Error modules loading report Date: 21-January-2005 Revision: Original Product Name: GroupWise...
CVE-2005-0296
NOTE: this issue has been disputed by the vendor. The error module in Novell GroupWise WebAccess allows remote attackers who have not authenticated to read potentially sensitive information, such as the version, via an incorrect login and a modified 1 error or 2 modify parameter that returns...
[Full-Disclosure] Novell GroupWise WebAccess error modules loading
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Dear ladies and gentlemen We have found a potential security vulnerability in the Novell GroupWise WebAccess error module handling. First of all it is possible to circumvent the login procedure. If a user connects to...
PT-2005-1374 · Novell · Novell Groupwise Webaccess
Name of the Vulnerable Software and Affected Versions: Novell GroupWise WebAccess affected versions not specified Description: The error module in Novell GroupWise WebAccess allows remote attackers who have not authenticated to read potentially sensitive information, such as the version, via an...
Novell GroupWise 6.5.3 WebAccess Multiple XSS
The remote host is running Novell GroupWise WebAccess, a commercial groupware package. The remote version of this software is affected by multiple cross-site scripting flaws due to a lack of sanitization of user-supplied data. Successful exploitation of this issue may allow an attacker to use the...
Novell GroupWise WebAccess WebAccessUninstall.ini Information Disclosure
The remote host is running Novell GroupWise WebAccess, a commercial groupware package. The remote version of this software has an information disclosure vulnerability. An attacker may request the file '/com/novell/webaccess/WebAccessUninstall.ini' and will obtain some information about the remote...
[NEWS] GroupWise WebAccess File Disclosure (GWAPACHE.CONF)
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion The SecuriTeam alerts list - Free, Accurate, Independent. Get your security news from a reliable source...
CVE-2003-1551
Unspecified vulnerability in Novell GroupWise 6 SP3 WebAccess before Revision F has unknown impact and attack vectors related to "malicious script."...
CVE-2001-1232
CVE-2001-1232 affects GroupWise WebAccess 5.5. The issue arises when directory indexing is enabled, allowing a remote attacker to view arbitrary directory contents via an HTTP request using a lowercase “get.” The vulnerability description—as shown in multiple sources (NVD, CVE List, CVE Record)—i...
CVE-2001-1233
Netware Enterprise Web Server 5.1 with GroupWise WebAccess 5.5 and NDS enabled is affected. The vulnerability allows remote attackers to enumerate usernames, group names and other system information by accessing ndsobj.nlm, due to exposure of directory information. CVSS v2.0 base score is 5.0 (AV...
CVE-2001-1232
GroupWise WebAccess 5.5 with directory indexing enabled allows a remote attacker to view arbitrary directory contents via an HTTP request with a lowercase "get"...
CVE-2001-1233
Netware Enterprise Web Server 5.1 running GroupWise WebAccess 5.5 with Novell Directory Services NDS enabled allows remote attackers to enumerate user names, group names and other system information by accessing ndsobj.nlm...
Groupwise Webaccess, NetWare web server, and Novell
No idea if this is what the Groupwise Padlock http://www.novell.com/padlock thing is about, since Novell is not only vague in the issues, but never acknowledged Adept's findings. - Simple Nomad - "No rest for the Wicca'd" - - [email protected] - - - [email protected] - www.nmrc.org...
groupwise.disclosure.txt
No idea if this is what the Groupwise Padlock http://www.novell.com/padlock thing is about, since Novell is not only vague in the issues, but never acknowledged Adept's findings. - Simple Nomad - "No rest for the Wicca'd" - - [email protected] - - - [email protected] - www.nmrc.org...
Проблеимы с NetWare Enterprise Web Server (information leak, directory reading)
При установленном GroupWise WebAccess возможно получение листинга каталога и списка системных объектов...
CVE-2001-1233
Netware Enterprise Web Server 5.1 running GroupWise WebAccess 5.5 with Novell Directory Services NDS enabled allows remote attackers to enumerate user names, group names and other system information by accessing ndsobj.nlm...
CVE-2001-1232
GroupWise WebAccess 5.5 with directory indexing enabled allows a remote attacker to view arbitrary directory contents via an HTTP request with a lowercase "get"...