The HTTP interfaces for Novell GroupWise 8.0.2 Post Office Agent, Message Transfer Agent, and GroupWise Internet Agent are vulnerable to an arbitrary file retrieval condition due to a failure to properly filter certain crafted directory traversal sequences. An unauthenticated remote attacker can leverage this flaw to retrieve files with the privileges of the vulnerable agent. Novell has provided solutions for this issue in the form of GroupWise 8.0 SP3 as well as in the latest GroupWise 2012 SP1 release.
e3c9147383f5501cbaf78656fc4be6934d837f6efbec3b31cc32dac0b7201f56
HP Security Bulletin HPSBMU02815 SSRT100715 3 - Potential security vulnerabilities have been identified with HP SiteScope. The vulnerabilities in SiteScope SOAP features could be remotely exploited to allow disclosure of information or code execution. Revision 3 of this advisory.
f593bdd9f9f6ba0f0d0906c2f7080b0fe784d20779bf98f66e849b8b6c2e38e8