3 matches found
Novell GroupWise Admin Service FileUploadServlet Directory Traversal (CVE-2014-0600)
A directory traversal vulnerability exists within the Administration Service of Novell GroupWise 2014. The vulnerability is due to a flaw in handling of a parameter in the FileUploadServlet servlet. A remote unauthenticated attacker can exploit this vulnerability by sending crafted requests to th...
Novell Groupwise 2014 < 2014 SP1 File Access Vulnerability - Active Check
Novell Groupwise is prone to an arbitrary file access vulnerability. Copyright C 2014 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...
CVE-2014-0600
The CVE-2014-0600 issue affects Novell GroupWise 2014 Administration Service, specifically the FileUploadServlet. The vulnerability arises from how the poLibMaintenanceFileSave parameter is handled, enabling directory traversal that allows remote attackers to read or write arbitrary files on the ...