PT-2001-2364 · Novell · Groupwise Webaccess

Published

2001-08-14

Updated

2017-12-19

CVE-2001-1232

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions GroupWise WebAccess version 5.5

Description The issue allows a remote attacker to view arbitrary directory contents via an HTTP request with a lowercase "get". This is possible when directory indexing is enabled.

Recommendations For GroupWise WebAccess version 5.5, consider disabling directory indexing to prevent unauthorized access to directory contents.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2001-1232

Affected Products

Groupwise Webaccess

PT-2001-2364 · Novell · Groupwise Webaccess

CVE-2001-1232

Related Identifiers

Affected Products

References · 5