CVE-2001-1233
First published: Tue Aug 14 2001(Updated: )
Netware Enterprise Web Server 5.1 running GroupWise WebAccess 5.5 with Novell Directory Services (NDS) enabled allows remote attackers to enumerate user names, group names and other system information by accessing ndsobj.nlm.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Novell GroupWise WebAccess | =5.5 | |
| Novell NetWare FTP Server | =5.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2001-1233?
CVE-2001-1233 has a high severity rating due to its potential for unauthorized user enumeration.
How do I fix CVE-2001-1233?
To fix CVE-2001-1233, ensure that NDS is disabled or restrict access to ndsobj.nlm to prevent remote enumeration.
What software versions are affected by CVE-2001-1233?
CVE-2001-1233 affects Novell GroupWise WebAccess 5.5 and Novell NetWare 5.1.
What type of attack does CVE-2001-1233 enable?
CVE-2001-1233 enables remote attackers to enumerate usernames and group names within the affected systems.
Is CVE-2001-1233 still relevant today?
CVE-2001-1233 is considered relevant for legacy systems still running the affected software.
- agent/references
- agent/type
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/author
- agent/remedy
- agent/severity
- agent/last-modified-date
- agent/description
- agent/event
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-historical
- vendor/novell
- canonical/novell groupwise webaccess
- version/novell groupwise webaccess/5.5
- canonical/novell netware ftp server
- version/novell netware ftp server/5.1