Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-2104

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2004-2104
Last Modified 29 Jan 2009 12:35:43
Published 31 Dec 2004 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2004-2104

Summary

Novell NetWare Enterprise Web Server 5.1 and 6.0 allows remote attackers to obtain sensitive server information, including the internal IP address, via a direct request to (1) snoop.jsp, (2) SnoopServlet, (3) env.bas, or (4) lcgitest.nlm.

Vulnerable Systems

Application

  • Novell Netware 5.1

  • Novell Netware 6.0


References

OSVDB - 4952

SECUNIA - 10711

BUGTRAQ - 20040123 NetWare-Enterprise-Web-Server/5.1/6.0 Multiple Vulnerabilities

XF - netware-enterprise-path-disclosure(14921)

BID - 9479

OSVDB - 3722

OSVDB - 3721

OSVDB - 3720

OSVDB - 3715


Last Updated: 27 May 2016 10:39:21