Novell: >> Groupwise >> 6.0 Security Vulnerabilities
Unknown vulnerability in Novell GroupWise and GroupWise WebAccess 6.0 through 6.5, when running with Apache Web Server 1.3 for NetWare where Apache is loaded using GWAPACHE.CONF, allows remote attackers to read directories and files on the server.
CVSS Score
5.0
EPSS Score
0.005
Published
2004-12-31
Buffer overflow in Novell GroupWise 6.0.1 Support Pack 1 allows remote attackers to execute arbitrary code via a long RCPT TO command.
CVSS Score
7.5
EPSS Score
0.025
Published
2002-10-04
GroupWise 6, when using LDAP authentication and when Post Office has a blank username and password, allows attackers to gain privileges of other users by logging in without a password.
CVSS Score
4.6
EPSS Score
0.0
Published
2002-05-31
Novell Groupwise 5.5 and 6.0 Servlet Gateway is installed with a default username and password for the servlet manager, which allows remote attackers to gain privileges.
CVSS Score
7.5
EPSS Score
0.047
Published
2001-12-15
Directory traversal vulnerability in Novell GroupWise 5.5 and 6.0 allows remote attackers to read arbitrary files via a request for /servlet/webacc?User.html= that contains "../" (dot dot) sequences and a null character.
CVSS Score
5.0
EPSS Score
0.009
Published
2001-10-15
GroupWise 5.5 and 6 running in live remote or smart caching mode allows remote attackers to read arbitrary users' mailboxes by extracting usernames and passwords from sniffed network traffic, as addressed by the "Padlock" fix.
CVSS Score
5.0
EPSS Score
0.017
Published
2001-08-14
Page 3