CVE-2005-0296

Currently unrated

Key Information:

Vendor: Novell
Status: Groupwise; Groupwise Webaccess
Vendor: CVE Published:; 17 January 2005

Summary

NOTE: this issue has been disputed by the vendor. The error module in Novell GroupWise WebAccess allows remote attackers who have not authenticated to read potentially sensitive information, such as the version, via an incorrect login and a modified (1) error or (2) modify parameter that returns template files or the "about" information page. NOTE: the vendor has disputed this issue

References

http://www.derkeiler.com/Mailing-Lists/securityfocus/bugt...

mailing-listx_refsource_BUGTRAQ

http://www.derkeiler.com/Mailing-Lists/Full-Disclosure/20...

mailing-listx_refsource_FULLDISC

http://www.osvdb.org/13135

vdb-entryx_refsource_OSVDB

EPSS Score

1% chance of being exploited in the next 30 days.

Timeline

Vulnerability Reserved
Feb 10, 2005
Vulnerability published
Jan 17, 2005

Collectors

NVD DatabaseMitre Database