Vulnerabilities > CVE-1999-1005

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
NONE
Availability impact
NONE
network
low complexity
netscape
novell
exploit available

Summary

Groupwise web server GWWEB.EXE allows remote attackers to read arbitrary files with .htm extensions via a .. (dot dot) attack using the HELP parameter.

Vulnerable Configurations

Part Description Count
Application
Netscape
1
Application
Novell
2

Exploit-Db

descriptionNetscape Enterprise Server for NetWare 4/5 3.0.7 a,Novell Groupwise 5.2/5.5 GWWEB.EXE Multiple Vulnerabilities. CVE-1999-1005. Remote exploit for novell plat...
idEDB-ID:19682
last seen2016-02-02
modified1999-12-19
published1999-12-19
reporterSacha Faust Bourque
sourcehttps://www.exploit-db.com/download/19682/
titleNetscape Enterprise Server ,Novell Groupwise 5.2/5.5 GWWEB.EXE Multiple Vulnerabilities