Vulnerabilities > CVE-2006-3268 - Unspecified vulnerability in Novell Groupwise
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
Unspecified vulnerability in the Windows Client API in Novell GroupWise 5.x through 7 might allow users to obtain "random programmatic access" to other email within the same post office.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 18 |
Nessus
NASL family | Windows |
NASL id | GROUPWISE_CLIENT_EMAIL_ACCESS.NASL |
description | The remote host is running GroupWise, an enterprise-class collaboration application from Novell. The version of GroupWise installed on the remote host contains a flaw in the client API that may allow a user to bypass security controls and gain access to non-authorized email within the same authenticated post office. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 22003 |
published | 2006-07-05 |
reporter | This script is Copyright (C) 2006-2018 and is owned by Tenable, Inc. or an Affiliate thereof. |
source | https://www.tenable.com/plugins/nessus/22003 |
title | Novell GroupWise Windows Client Arbitrary Email Access |
code |
|
Seebug
bulletinFamily | exploit |
description | BUGTRAQ ID: 18716 CVE(CAN) ID: CVE-2006-3268 Novell GroupWise是一款跨平台协作软件。 Novell GroupWise的客户端API实现上存在漏洞,攻击者可能利用漏洞绕过安全限制,访问某些非授权的邮件。 Novell Groupwise 7.x Novell Groupwise 6.x Novell Groupwise 5.x 厂商补丁: Novell ------ 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: GroupWise 6.5: Apply SP6 Client Update 1 <a href=http://support.novell.com/filefinder/16963/index.html target=_blank>http://support.novell.com/filefinder/16963/index.html</a> GroupWise 7: Apply GroupWise 7 SP1 <a href=http://support.novell.com/filefinder/20641/index.html target=_blank>http://support.novell.com/filefinder/20641/index.html</a> |
id | SSV:2738 |
last seen | 2017-11-19 |
modified | 2007-12-31 |
published | 2007-12-31 |
reporter | Root |
title | Novell Groupwise Windows客户端API非授权邮件访问漏洞 |
References
- http://secunia.com/advisories/20888
- http://securitytracker.com/id?1016404
- http://support.novell.com/cgi-bin/search/searchtid.cgi?/2973921.htm
- http://support.novell.com/cgi-bin/search/searchtid.cgi?/2974006.htm
- http://support.novell.com/cgi-bin/search/searchtid.cgi?2974027.htm
- http://www.securityfocus.com/archive/1/438725/100/0/threaded
- http://www.securityfocus.com/bid/18716
- http://www.vupen.com/english/advisories/2006/2594
- https://exchange.xforce.ibmcloud.com/vulnerabilities/27550