Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-0296


Vulnerability Score 5.0 5.0
CVE Id CVE-2005-0296
Last Modified 05 Sep 2008 04:45:53
Published 17 Jan 2005 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



** DISPUTED ** NOTE: this issue has been disputed by the vendor. The error module in Novell GroupWise WebAccess allows remote attackers who have not authenticated to read potentially sensitive information, such as the version, via an incorrect login and a modified (1) error or (2) modify parameter that returns template files or the "about" information page. NOTE: the vendor has disputed this issue.

Vulnerable Systems


  • Novell Groupwise 6.0

  • Novell Groupwise 6.5

  • Novell Groupwise Webaccess 6.0

  • Novell Groupwise Webaccess 6.5


XF - groupwise-error-auth-bypass(18954)

BID - 12285

BUGTRAQ - 20050127 NOVL-2005-10096251 GroupWise WebAccess error handling modules (report)

FULLDISC - 20050121 NOVL-2005-10096251 GroupWise WebAccess error handling modules (report)


BUGTRAQ - 20050117 Novell GroupWise WebAccess error modules loading

OSVDB - 13135

Last Updated: 27 May 2016 10:39:44