CVE-2012-0419

2012-09-28 12:40:20 2013-04-05 05:07:59

Directory traversal vulnerability in the agent HTTP interfaces in Novell GroupWise 8.0 before Support Pack 3 and 2012 before Support Pack 1 allows remote attackers to read arbitrary files via directory traversal sequences in a request.

Vector

NETWORK

Complexity

LOW

Authentication

NONE

Confidentiality

PARTIAL

Integrity

NONE

Availability

NONE

Novell - Groupwise

Advisory	Patch	Confirmed	Link
			http://download.novell.com/Download?buildid=O5hTjIiMdMo~
			https://bugzilla.novell.com/show_bug.cgi?id=756924
			https://bugzilla.novell.com/show_bug.cgi?id=756330
			http://www.novell.com/support/kb/doc.php?id=7010772
			20120921 DDIVRT-2012-42 Novell GroupWise Agents Arbitrar...
			20120921 DDIVRT-2012-42 Novell GroupWise Agents Arbitrar...

CVE-2012-0419

2012-09-28 12:40:20 2013-04-05 05:07:59

Vector

Complexity

Authentication

Confidentiality

Integrity

Availability

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (ID 22)