Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-0419

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2012-0419
Last Modified 04 Apr 2013 11:07:59
Published 28 Sep 2012 06:40:20
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2012-0419

Summary

Directory traversal vulnerability in the agent HTTP interfaces in Novell GroupWise 8.0 before Support Pack 3 and 2012 before Support Pack 1 allows remote attackers to read arbitrary files via directory traversal sequences in a request.

Vulnerable Systems

Application

  • Novell Groupwise 2012

  • Novell Groupwise 8.0

  • Novell Groupwise 8.00

  • Novell Groupwise 8.01

  • Novell Groupwise 8.02


References

CONFIRM - http://download.novell.com/Download?buildid=O5hTjIiMdMo~

CONFIRM - https://bugzilla.novell.com/show_bug.cgi?id=756924

CONFIRM - https://bugzilla.novell.com/show_bug.cgi?id=756330

CONFIRM - http://www.novell.com/support/kb/doc.php?id=7010772

FULLDISC - 20120921 DDIVRT-2012-42 Novell GroupWise Agents Arbitrary File Retrieval (CVE-2012-0419)


Last Updated: 27 May 2016 10:57:36