Groupwise Security Vulnerabilities and Issues — Groupwise CVE List

Lucene search

NovellGroupwise

5 matches found

CVE•added 2005/08/17 4:0 a.m.•53 views

CVE-2005-2620

grpWise.exe for Novell GroupWise client 5.5 through 6.5.2 stores the password in plaintext in memory, which allows attackers to obtain the password using a debugger or another mechanism to read process memory.

5CVSS6.5AI score0.01761EPSS

CVE•added 2005/08/03 4:0 a.m.•52 views

CVE-2005-2346

Buffer overflow in Novell GroupWise 6.5 Client allows remote attackers to execute arbitrary code via a GWVW02xx.INI language file with a long entry, as demonstrated using a long ES02TKS.VEW value in the Group Task section.

7.5CVSS8.4AI score0.02053EPSS

CVE•added 2005/04/21 4:0 a.m.•48 views

CVE-2001-1458

Directory traversal vulnerability in Novell GroupWise 5.5 and 6.0 allows remote attackers to read arbitrary files via a request for /servlet/webacc?User.html= that contains "../" (dot dot) sequences and a null character.

5CVSS6.7AI score0.00888EPSS

CVE•added 2005/02/10 5:0 a.m.•45 views

CVE-2005-0296

NOTE: this issue has been disputed by the vendor. The error module in Novell GroupWise WebAccess allows remote attackers who have not authenticated to read potentially sensitive information, such as the version, via an incorrect login and a modified (1) error or (2) modify parameter that returns te...

5CVSS6.2AI score0.00842EPSS

CVE•added 2005/10/04 9:2 p.m.•43 views

CVE-2005-2804

Integer overflow in the registry parsing code in GroupWise 6.5.3, and possibly earlier version, allows remote attackers to cause a denial of service (application crash) via a large TCP/IP port in the Windows registry key.

5CVSS7.5AI score0.05299EPSS