webaccess software vulnerabilities
vulnerabilities.aspcode.net
Searching webaccess software vulnerabilities
GroupWise WebAccess 5.5 with directory indexing
lowercase
|
arbitrary
|
directory
|
GroupWise
|
WebAccess
|
attacker
|
contents
|
indexing
|
enabled
|
request
|
remote
|
allows
|
"get"
|
view
|
HTTP
|
via
|
GroupWise WebAccess 5.5 with directory indexing enabled allows a remote attacker to view arbitrary directory contents via an HTTP request with a lowercase "get".
Netware Enterprise Web Server 5.1 running Group
Enterprise
|
WebAccess
|
GroupWise
|
Directory
|
Services
|
Netware
|
running
|
Novell
|
Server
|
Web
|
Netware Enterprise Web Server 5.1 running GroupWise WebAccess 5.5 with Novell Directory Services (NDS) enabled allows remote attackers to enumerate user names, group names and other system information by accessing ndsobj.nlm.
Novell NetWare Enterprise Web Server 5.1 and 6.
directories
|
Enterprise
|
attackers
|
request
|
NetWare
|
direct
|
remote
|
Server
|
Novell
|
allows
|
list
|
Web
|
via
|
Novell NetWare Enterprise Web Server 5.1 and 6.0 allows remote attackers to list directories via a direct request to (1) /com/, (2) /com/novell/, (3) /com/novell/webaccess, or (4) /ns-icons/.
Unknown vulnerability in Novell GroupWise and G
vulnerability
|
GWAPACHECONF
|
directories
|
attackers
|
WebAccess
|
GroupWise
|
NetWare
|
through
|
Unknown
|
running
|
remote
|
allows
|
Server
|
Apache
|
Novell
|
loaded
|
using
|
files
|
read
|
Web
|
Unknown vulnerability in Novell GroupWise and GroupWise WebAccess 6.0 through 6.5, when running with Apache Web Server 1.3 for NetWare where Apache is loaded using GWAPACHE.CONF, allows remote attackers to read directories and files on the server.
** DISPUTED ** NOTE: this issue has been dispu
DISPUTED
|
** DISPUTED ** NOTE: this issue has been disputed by the vendor. The error module in Novell GroupWise WebAccess allows remote attackers who have not authenticated to read potentially sensitive information, such as the version, via an incorrect login and a modified (1) error or (2) modify parameter that returns template files or the "about" information page. NOTE: the vendor has disputed this issue.
Cross-site scripting (XSS) vulnerability in Nov
Cross-site
|
scripting
|
Cross-site scripting (XSS) vulnerability in Novell Groupwise WebAccess 6.5 before July 11, 2005 allows remote attackers to inject arbitrary web script or HTML via an e-mail message with an encoded javascript URI (e.g. "jAvascript" in an IMG tag.
Cross-site scripting (XSS) vulnerability in Nov
Cross-site
|
scripting
|
Cross-site scripting (XSS) vulnerability in Novell GroupWise WebAccess 6.5 and 7 before Thursday, July 27, 2006 allows remote attackers to inject arbitrary web script or HTML via an encoded SCRIPT element in an e-mail message with the UTF-7 character set, as demonstrated by the "+ADw-SCRIPT+AD4-" sequence.
Stack-based buffer overflow in the base64_decod
base64_decode
|
Stack-based
|
GWINTERexe
|
GroupWise
|
function
|
overflow
|
buffer
|
Novell
|
Stack-based buffer overflow in the base64_decode function in GWINTER.exe in Novell GroupWise (GW) WebAccess before 7.0 SP2 allows remote attackers to execute arbitrary code via long base64 content in an HTTP Basic Authentication request.
Cross-site scripting (XSS) vulnerability in the
Cross-site
|
scripting
|
Cross-site scripting (XSS) vulnerability in the webacc servlet in Novell GroupWise 6.5 WebAccess allows remote attackers to inject arbitrary web script or HTML via the User.Id parameter, as demonstrated by a URL within a url field in a STYLE element, possibly due to an incomplete fix for CVE-2004-2103.2.
Software vulnerabilities results 1 to 10 of 10
Page:
1