CVE-2005-0296
First published: Mon Jan 17 2005(Updated: )
** DISPUTED ** NOTE: this issue has been disputed by the vendor. The error module in Novell GroupWise WebAccess allows remote attackers who have not authenticated to read potentially sensitive information, such as the version, via an incorrect login and a modified (1) error or (2) modify parameter that returns template files or the "about" information page. NOTE: the vendor has disputed this issue.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Novell GroupWise | =6.0 | |
| Novell GroupWise | =6.0-sp4 | |
| Novell GroupWise WebAccess | =6.5 | |
| Novell GroupWise WebAccess | =6.5-sp1 | |
| Novell GroupWise | =6.0-sp2 | |
| Novell GroupWise | =6.5-sp1 | |
| Novell GroupWise | =6.0-sp1 | |
| Novell GroupWise WebAccess | =6.5-sp2 | |
| Novell GroupWise | =6.0-sp3 | |
| Novell GroupWise | =6.5 | |
| Novell GroupWise | =6.5-sp2 | |
| Novell GroupWise WebAccess | =6.0-sp4 | |
| =6.0 | ||
| =6.0-sp1 | ||
| =6.0-sp2 | ||
| =6.0-sp3 | ||
| =6.0-sp4 | ||
| =6.5 | ||
| =6.5-sp1 | ||
| =6.5-sp2 | ||
| =6.0-sp4 | ||
| =6.5 | ||
| =6.5-sp1 | ||
| =6.5-sp2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.derkeiler.com/Mailing-Lists/Full-Disclosure/2005-01/0771.html
- http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2005-01/0341.html
- http://support.novell.com/servlet/tidfinder/10096251
- http://www.securityfocus.com/bid/12285
- http://www.osvdb.org/13135
- http://marc.info/?l=bugtraq&m=110608203729814&w=2
- https://exchange.xforce.ibmcloud.com/vulnerabilities/18954
- collector/nvd-historical
- vendor/novell
- product/groupwise
- canonical/novell groupwise
- product/groupwise webaccess
- canonical/novell groupwise webaccess
- collector/nvd-index
- agent/author
- agent/type
- agent/first-publish-date
- agent/weakness
- agent/references
- agent/severity
- agent/status
- agent/softwarecombine
- agent/description
- agent/event
- agent/tags
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/last-modified-date
- collector/mitre-cve
- source/MITRE
- version/novell groupwise/6.0
- version/novell groupwise/6.0-sp4
- version/novell groupwise webaccess/6.5
- version/novell groupwise webaccess/6.5-sp1
- version/novell groupwise/6.0-sp2
- version/novell groupwise/6.5-sp1
- version/novell groupwise/6.0-sp1
- version/novell groupwise webaccess/6.5-sp2
- version/novell groupwise/6.0-sp3
- version/novell groupwise/6.5
- version/novell groupwise/6.5-sp2
- version/novell groupwise webaccess/6.0-sp4
- status/disputed