Groupwise

groupwise

Vendor: Novell • 74 CVEs

CVEs (74)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2005-2346 1Novell 1Groupwise Apr 16, 2026 Aug 3, 2005 N/A· v4 N/A· v3 7.5 HIGH· v2 Buffer overflow in Novell GroupWise 6.5 Client allows remote attackers to execute arbitrary code via a GWVW02xx.INI language file with a long entry, as demonstrated using a long ES02TKS.VEW value in the Group Task sectio...Show more Buffer overflow in Novell GroupWise 6.5 Client allows remote attackers to execute arbitrary code via a GWVW02xx.INI language file with a long entry, as demonstrated using a long ES02TKS.VEW value in the Group Task section.Show less
CVE-2005-0296 1Novell 2Groupwise Groupwise Webaccess Apr 16, 2026 Jan 17, 2005 N/A· v4 N/A· v3 5.0 MEDIUM· v2 NOTE: this issue has been disputed by the vendor. The error module in Novell GroupWise WebAccess allows remote attackers who have not authenticated to read potentially sensitive information, such as the version, via an...Show more NOTE: this issue has been disputed by the vendor. The error module in Novell GroupWise WebAccess allows remote attackers who have not authenticated to read potentially sensitive information, such as the version, via an incorrect login and a modified (1) error or (2) modify parameter that returns template files or the "about" information page. NOTE: the vendor has disputed this issueShow less
CVE-2003-1551 1Novell 1Groupwise Apr 16, 2026 Dec 31, 2003 N/A· v4 N/A· v3 10.0 HIGH· v2 Unspecified vulnerability in Novell GroupWise 6 SP3 WebAccess before Revision F has unknown impact and attack vectors related to "malicious script."
CVE-2002-1088 1Novell 1Groupwise Apr 16, 2026 Oct 4, 2002 N/A· v4 N/A· v3 7.5 HIGH· v2 Buffer overflow in Novell GroupWise 6.0.1 Support Pack 1 allows remote attackers to execute arbitrary code via a long RCPT TO command.
CVE-2002-0341 1Novell 1Groupwise Apr 16, 2026 Jun 25, 2002 N/A· v4 N/A· v3 5.0 MEDIUM· v2 GWWEB.EXE in GroupWise Web Access 5.5, and possibly other versions, allows remote attackers to determine the full pathname of the web server via an HTTP request with an invalid HTMLVER parameter.
CVE-2002-0303 1Novell 1Groupwise Apr 16, 2026 May 31, 2002 N/A· v4 N/A· v3 4.6 MEDIUM· v2 GroupWise 6, when using LDAP authentication and when Post Office has a blank username and password, allows attackers to gain privileges of other users by logging in without a password.
CVE-2001-1195 1Novell 1Groupwise Apr 16, 2026 Dec 15, 2001 N/A· v4 N/A· v3 7.5 HIGH· v2 Novell Groupwise 5.5 and 6.0 Servlet Gateway is installed with a default username and password for the servlet manager, which allows remote attackers to gain privileges.
CVE-2001-1458 1Novell 1Groupwise Apr 16, 2026 Oct 15, 2001 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Directory traversal vulnerability in Novell GroupWise 5.5 and 6.0 allows remote attackers to read arbitrary files via a request for /servlet/webacc?User.html= that contains "../" (dot dot) sequences and a null character.
CVE-2001-1232 1Novell 1Groupwise Apr 16, 2026 Aug 14, 2001 N/A· v4 N/A· v3 5.0 MEDIUM· v2 GroupWise WebAccess 5.5 with directory indexing enabled allows a remote attacker to view arbitrary directory contents via an HTTP request with a lowercase "get".
CVE-2001-1231 1Novell 1Groupwise Apr 16, 2026 Aug 14, 2001 N/A· v4 N/A· v3 5.0 MEDIUM· v2 GroupWise 5.5 and 6 running in live remote or smart caching mode allows remote attackers to read arbitrary users' mailboxes by extracting usernames and passwords from sniffed network traffic, as addressed by the "Padlock...Show more GroupWise 5.5 and 6 running in live remote or smart caching mode allows remote attackers to read arbitrary users' mailboxes by extracting usernames and passwords from sniffed network traffic, as addressed by the "Padlock" fix.Show less
CVE-2001-0355 1Novell 1Groupwise Apr 16, 2026 Jun 27, 2001 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Novell Groupwise 5.5 (sp1 and sp2) allows a remote user to access arbitrary files via an implementation error in Groupwise system policies.
CVE-2000-0146 1Novell 1Groupwise Apr 16, 2026 Feb 7, 2000 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The Java Server in the Novell GroupWise Web Access Enhancement Pack allows remote attackers to cause a denial of service via a long URL to the servlet.
CVE-1999-1006 1Novell 1Groupwise Apr 16, 2026 Dec 19, 1999 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Groupwise web server GWWEB.EXE allows remote attackers to determine the real path of the web server via the HELP parameter.
CVE-1999-1005 2Netscape Novell 2Enterprise Server Groupwise Apr 16, 2026 Dec 19, 1999 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Groupwise web server GWWEB.EXE allows remote attackers to read arbitrary files with .htm extensions via a .. (dot dot) attack using the HELP parameter.

Previous 1 2 34