Vulnerabilities > CVE-2008-1330 - Unspecified vulnerability in Novell Groupwise

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

novell

NVD

Published: 2008-03-18

Updated: 2024-11-21

Summary

Unspecified vulnerability in the Windows client API in Novell GroupWise 7 before SP3 and 6.5 before SP6 Update 3 allows remote authenticated users to access the non-shared stored e-mail messages of another user who has shared at least one folder with the attacker.

Vulnerable Configurations

Part	Description	Count
Application	Novell Novell Groupwise 6.5 Novell Groupwise 7.0 Novell Groupwise 6.5.6 Novell Groupwise 6.5.3 Novell Groupwise 6.5.4 Novell Groupwise 6.5_Sp6_Update_1 Novell Groupwise 7.0.0 Novell Groupwise 6.5.2 Novell Groupwise 6.5.7	16

Seebug

bulletinFamily	exploit
description	BUGTRAQ ID: 28265 CVE(CAN) ID: CVE-2008-1330 Novell GroupWise是一款跨平台协作软件。 GroupWise的Windows客户端API在实现共享文件夹时存在错误，如果用户能够认证到GroupWise并为其他共享文件夹用户的收件人的话，就可以利用这个漏洞访问共享用户邮箱中的非共享邮件。 Novell Groupwise 7 Novell Groupwise 6.5 临时解决方法： * 删除对文件夹的共享访问，点击File > Sharing，然后选择Not shared。厂商补丁： Novell ------ 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载： <a href=http://www.novell.com/documentation/gw7/gw7_admin/index.html?page=/documentation/gw7/gw7_admin/data/adqaf1n.html target=_blank>http://www.novell.com/documentation/gw7/gw7_admin/index.html?page=/documentation/gw7/gw7_admin/data/adqaf1n.html</a> <a href=http://www.novell.com/documentation/gw65/index.html?page=/documentation/gw65/gw65_admin/data/adqaf1n.html target=_blank>http://www.novell.com/documentation/gw65/index.html?page=/documentation/gw65/gw65_admin/data/adqaf1n.html</a>
id	SSV:3055
last seen	2017-11-19
modified	2008-03-19
published	2008-03-19
reporter	Root
title	Novell GroupWise Windows客户端API共享文件夹邮件信息泄露漏洞

Summary

Vulnerable Configurations

Seebug

References