Home page logo
/

bugtraq logo Bugtraq mailing list archives

Re: Groupewise Web Interface
From: eckma009 () UMN EDU (Brian)
Date: Tue, 21 Dec 1999 14:21:51 -0600


This vulnerability exists on the Enterprise Web Server.

Brian

Raymond Dijkxhoorn <raymond () THRIJSWIJK NL> 12/20/99 02:29PM >>>
Hi!

1. The help argument in GWWEB.EXE reveal full web path on the server
2. anyone can read a .htm file on the system with the GWWEB.EXE and the HELP
argument.

This was tested on GroupWise 5.2 and 5.5 .

Why didnt you upgrade to the one wich was shipped on 5.5 ??
The Netscape Enterprise server ???

As far as i know the Novell webserver is no longer in development and the
new ones were builded under the 'Novonyx' flag.... Novell/Netscape.

Bye,
Raymond Dijkxhoorn


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]