Vulnerabilities > CVE-2004-2104 - Multiple vulnerability in Novell Netware 5.1/6.0

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
NONE
Availability impact
NONE
network
low complexity
novell
exploit available
NVD
Published: 2004-12-31
Updated: 2018-10-30

Summary

Novell NetWare Enterprise Web Server 5.1 and 6.0 allows remote attackers to obtain sensitive server information, including the internal IP address, via a direct request to (1) snoop.jsp, (2) SnoopServlet, (3) env.bas, or (4) lcgitest.nlm.

Vulnerable Configurations

Part Description Count
OS
Novell
2

Exploit-Db

  • descriptionNovell Netware Enterprise Web Server 5.1/6.0 env.bas Information Disclosure. CVE-2004-2104. Remote exploit for netware platform
    idEDB-ID:23586
    last seen2016-02-02
    modified2004-01-23
    published2004-01-23
    reporterRafel Ivgi The-Insider
    sourcehttps://www.exploit-db.com/download/23586/
    titleNovell Netware Enterprise Web Server 5.1/6.0 env.bas Information Disclosure
  • descriptionNovell Netware Enterprise Web Server 5.1/6.0 snoop.jsp Information Disclosure. CVE-2004-2104. Remote exploit for netware platform
    idEDB-ID:23587
    last seen2016-02-02
    modified2004-01-23
    published2004-01-23
    reporterRafel Ivgi The-Insider
    sourcehttps://www.exploit-db.com/download/23587/
    titleNovell Netware Enterprise Web Server 5.1/6.0 snoop.jsp Information Disclosure
  • descriptionNovell Netware Enterprise Web Server 5.1/6.0 SnoopServlet Information Disclosure. CVE-2004-2104. Remote exploit for netware platform
    idEDB-ID:23588
    last seen2016-02-02
    modified2004-01-23
    published2004-01-23
    reporterRafel Ivgi The-Insider
    sourcehttps://www.exploit-db.com/download/23588/
    titleNovell Netware Enterprise Web Server 5.1/6.0 SnoopServlet Information Disclosure

References