PT-2009-4118 · Novell · Novell Groupwise

Published

2009-05-26

Updated

2017-08-17

CVE-2009-1634

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions: Novell GroupWise versions 7.x through 7.03 HP2 and 8.x through 8.0 HP1

Description: The issue is related to the WebAccess component, which does not properly implement session management mechanisms. This allows remote attackers to gain access to user accounts via unspecified vectors.

Recommendations: For Novell GroupWise versions 7.x through 7.03 HP2, update to version 7.03 HP3 or later. For Novell GroupWise versions 8.x through 8.0 HP1, update to version 8.0 HP2 or later.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2009-1634

Affected Products

Novell Groupwise

PT-2009-4118 · Novell · Novell Groupwise

CVE-2009-1634

Related Identifiers

Affected Products

References · 9