PT-2004-3230 · Novell+1 · Groupwise Webaccess+2

Publicado

2004-12-31

Atualizado

2017-07-11

CVE-2004-2336

CVSS v2.0

5.0

Média

Vetor

AV:N/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions: Novell GroupWise and GroupWise WebAccess versions 6.0 through 6.5

Description: The issue allows remote attackers to read directories and files on the server when Novell GroupWise and GroupWise WebAccess are running with Apache Web Server 1.3 for NetWare, where Apache is loaded using GWAPACHE.CONF.

Recommendations: For versions 6.0 through 6.5, consider restricting access to sensitive directories and files on the server as a temporary workaround until a patch is available.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2004-2336

Produtos afetados

Apache Web Server

Groupwise Webaccess

Novell Groupwise

PT-2004-3230 · Novell+1 · Groupwise Webaccess+2

CVE-2004-2336

Identificadores relacionados

Produtos afetados

Referências · 7