Rapid7 Vulnerability & Exploit Database

Novell GroupWise Arbitrary File Access

Back to Search

Novell GroupWise Arbitrary File Access

Severity
5
CVSS
(AV:N/AC:L/Au:N/C:P/I:N/A:N)
Published
10/15/2001
Created
07/25/2018
Added
11/01/2004
Modified
03/21/2018

Description

Novell GroupWise allows users to specify an arbitrary path for the login page. Under normal circumstances, login.htt is appended to the path. However, by specifying a NULL character (%00) to the path, a full file name can be specified for access. This exploit also provides path disclosure. By specifying an invalid file name, the full file path is returned. This allows malicious users to more accurately locate files.

Solution(s)

  • http-groupwise-0002

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;