CVE-2004-2734

Name of the Vulnerable Software and Affected Versions Novell NetWare 6.5

Description The issue concerns an inconsistency in the webadmin-apache.conf file within Novell Web Manager, where an uppercase Alias tag is used with a lowercase directory tag for a volume. This inconsistency allows remote attackers to bypass access control, specifically to the WEB-INF folder.

Recommendations For Novell NetWare 6.5, ensure consistency in the case of directory tags in the webadmin-apache.conf file to prevent access control bypass. As a temporary workaround, consider restricting access to the WEB-INF folder until the configuration issue is resolved.