Vulnerabilities > CVE-2007-3571 - Information Disclosure vulnerability in Groupwise

CVSS 4.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

NONE

Availability impact

NONE

network

novell

NVD

Published: 2007-07-05

Updated: 2017-07-29

Summary

The Apache Web Server as used in Novell NetWare 6.5 and GroupWise allows remote attackers to obtain sensitive information via a certain directive to Apache that causes the HTTP-Header response to be modified, which may reveal the server's internal IP address.

Vulnerable Configurations

Part	Description	Count
OS	Novell Novell Netware 6.5	1
Application	Novell Novell Groupwise 6.0 Novell Groupwise 6.0.1 Novell Groupwise 6.5 Novell Groupwise 6.5.2 Novell Groupwise 6.5.3 Novell Groupwise 6.5.4 Novell Groupwise 7.0	18

References

http://osvdb.org/45742
http://www.vupen.com/english/advisories/2007/2388
https://exchange.xforce.ibmcloud.com/vulnerabilities/35365
https://secure-support.novell.com/KanisaPlatform/Publishing/370/3555327_f.SAL_Public.html