Vulnerabilities > CVE-2001-1195 - Authentication vulnerability in Novell Groupwise Servlet Gateway Default

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
novell
nessus
exploit available

Summary

Novell Groupwise 5.5 and 6.0 Servlet Gateway is installed with a default username and password for the servlet manager, which allows remote attackers to gain privileges.

Vulnerable Configurations

Part Description Count
Application
Novell
2

Exploit-Db

descriptionNovell Groupwise 5.5/6.0 Servlet Gateway Default Authentication Vulnerability. CVE-2001-1195. Remote exploit for novell platform
idEDB-ID:21182
last seen2016-02-02
modified2001-12-15
published2001-12-15
reporterAdam Gray
sourcehttps://www.exploit-db.com/download/21182/
titleNovell Groupwise 5.5/6.0 Servlet Gateway Default Authentication Vulnerability

Nessus

NASL familyNetware
NASL idNOVELL_GROUPWISE_SERVLETMANAGER_DEFAULT_PASSWORD.NASL
descriptionThe Novell Groupwise servlet server is configured with a default password. As a result, users could be denied access to mail and other servlet based resources. To test this finding: https://<host>/servlet/ServletManager/ enter
last seen2020-06-01
modified2020-06-02
plugin id12122
published2004-03-31
reporterThis script is Copyright (C) 2004-2018 David Kyger
sourcehttps://www.tenable.com/plugins/nessus/12122
titleNovell Groupwise Servlet Manager Default Password