I think maybe you’re seeing the
directory traversal vulnerability identified in Groupwise. Groupwise 6
had this vulnerability as well as previous versions if I remember right.
http://xforce.iss.net/xforce/xfdb/7287
Thanks,
Michael Horseman
IT Security Analyst
Capgemini
[EMAIL PROTECTED]
w: 816.414.4925
"Any sufficiently advanced
technology is indistinguishable from magic."
- Arthur C. Clarke
From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
On Behalf Of noAcces
Sent: Friday, January 07, 2005
3:42 AM
To:
[email protected]
Subject: [Full-Disclosure] Novell
WebAcces
I
was playing around when I found a small problem with Novell's WebAcces.
With User.lang you can give in you're language as parameter I tried some
different stuff there and when I tried "> so that the URL would be
hxxp://www.notsohappyserver.com/servlet/webacc?User.Lang="> a Link
apeared I clicked it and so I found some unprotected dirs.
The problem is that the file
hxxps://www.notsohappyserver/com/novell/webaccess/WebAccessUninstall.ini
contains info about the servername context and install paths
It seems that this is working on almost every webacces server.
Kerst actie bij
Lycos Mail: 50% korting op Lycos Xtra en Max!
This message contains information that may be privileged or confidential and is the property of the Capgemini Group. It is intended only for the person to whom it is addressed. If you are not the intended recipient, you are not authorized to read, print, retain, copy, disseminate, distribute, or use this message or any part thereof. If you receive this message in error, please notify the sender immediately and delete all copies of this message.
|
|
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
