Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2009-1634

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2009-1634
Last Modified 09 Jun 2009 01:34:28
Published 26 May 2009 11:30:05
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2009-1634

Summary

The WebAccess component in Novell GroupWise 7.x before 7.03 HP3 and 8.x before 8.0 HP2 does not properly implement session management mechanisms, which allows remote attackers to gain access to user accounts via unspecified vectors.

Vulnerable Systems

Application

  • Novell Groupwise 7.0

  • Novell Groupwise 7.0.0

  • Novell Groupwise 7.0.2

  • Novell Groupwise 7.0.3

  • Novell Groupwise 7.03

  • Novell Groupwise 8.0


References

MISC - https://bugzilla.novell.com/show_bug.cgi?id=472979

XF - groupwise-session-unauth-access(50688)

VUPEN - ADV-2009-1393

BID - 35066

CONFIRM - http://www.novell.com/support/viewContent.do?externalId=7003266&sliceId=1

SECUNIA - 35177


Last Updated: 27 May 2016 10:50:38