what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 76 - 100 of 100 RSS Feed

Files

ISR-novellxss.txt
Posted Aug 18, 2006
Authored by Francisco Amato | Site infobyte.com.ar

Novell Groupwise WebAccess is susceptible to cross site scripting attacks. Versions 7 and 6.5 are susceptible.

tags | advisory, xss
advisories | CVE-2006-3817
SHA-256 | ed89535ccb04b5ad07312b883638ed4b701ecaca83e8db67c376289feaf92856

Related Files

Zero Day Initiative Advisory 07-015
Posted Apr 19, 2007
Authored by Tipping Point | Site zerodayinitiative.com

A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell Groupwise WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw exists in the GWINTER.exe process bound by default on TCP ports 7205 and 7211. During the handling of an HTTP Basic authentication request, the process copies user-supplied base64 data into a fixed length stack buffer. Sending at least 336 bytes will trigger a stack based buffer overflow due to a vulnerable base64_decode() call. Exploitation of this issue can result in arbitrary code execution.

tags | advisory, remote, web, overflow, arbitrary, tcp, code execution
advisories | CVE-2007-2171
SHA-256 | 90a41cead20143889d6a2f43dfaa84ad08429adb0c36d1b17c84c1dfcf42c1ae
ISR-ibm-eGatherer.tar.gz
Posted Aug 29, 2006
Authored by Francisco Amato | Site infobyte.com.ar

This Metasploit module exploits a code execution vulnerability in the IBM eGatherer ActiveX buffer overflow.

tags | exploit, overflow, code execution, activex
advisories | CVE-2006-4221
SHA-256 | 6280365f18cd390c0a7ec483822ae21f3d8ac6a2a269541e0bb334fa7e54938e
Secunia Security Advisory 21411
Posted Aug 10, 2006
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in Novell GroupWise, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
SHA-256 | 71e2592cc33b1a8d8797010f6b2cb0c57b62054387d43ca7ff4d20f57d3854c5
NOVELL-SA-2006-001.txt
Posted Jul 2, 2006
Site novell.com

Novell Security Announcement - A security vulnerability exists in the GroupWise Windows Client API that can allow random programmatic access to non-authorized email within the same authenticated post office. Affected Products: Novell GroupWise 5.x, Novell GroupWise 6.0, Novell GroupWise 6.5, Novell GroupWise 7, Novell GroupWise 32-bit Client.

tags | advisory
systems | windows
advisories | CVE-2006-3268
SHA-256 | 6658eb77abb7d3e6b4e2686bc733dc0e41b332b2f8cc43e5d0387dc1cd8ea2e4
Secunia Security Advisory 20888
Posted Jun 29, 2006
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Novell GroupWise, which can be exploited by malicious users to bypass certain security restrictions.

tags | advisory
SHA-256 | 3902c49b4dd5291ec748ad6f300d2c11f106f6595001c3565c5990947d04d5dd
Zero Day Initiative Advisory 06-08
Posted Apr 19, 2006
Authored by Tipping Point | Site zerodayinitiative.com

ZDI-06-008: Novell GroupWise Messenger Accept-Language Buffer Overflow - This vulnerability allows attackers to execute arbitrary code on vulnerable installations of the Novell GroupWise Messenger. Authentication is not required to exploit this vulnerability.

tags | advisory, overflow, arbitrary
SHA-256 | d220110f812525e744b48e805ca035f261d8c2171a383640c2722aeb2ecc0cb3
Secunia Security Advisory 19663
Posted Apr 17, 2006
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Novell GroupWise Messenger, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
SHA-256 | e16bc300e21153d52588dee715bb909726ba8f7593a95d81fb62a18aa5032eaf
ISR-novell.txt
Posted Sep 27, 2005
Authored by Francisco Amato

The client in Novell GroupWise version 6.5.3 is susceptible to an integer overflow. Previous versions are also believed vulnerable.

tags | advisory, overflow
SHA-256 | 4479e84b3e7793c8486d9d5b65049c1958e50d78ec10b6f6901bfecb11feee05
novellBO653.txt
Posted Jul 28, 2005
Authored by Francisco Amato | Site infobyte.com.ar

The Novell GroupWise 6.5.3 client suffers from a remote buffer overflow vulnerability.

tags | advisory, remote, overflow
SHA-256 | 416b19430a2eb949354f800a7e077717fb0241942ea239754df3b2782f4eea1e
isr-groupwiseXSS.txt
Posted Jul 20, 2005
Site infobyte.com.ar

Novell Groupwise WebAccess version 6.5 SP4 is susceptible to cross site scripting attacks.

tags | advisory, xss
SHA-256 | f0ed2776bc524fe6c4d5dce1db9880889c98ea85a63dd337925b7218e46ca9a8
Secunia Security Advisory 16098
Posted Jul 19, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Novell GroupWise, which can be exploited by malicious people to conduct script insertion attacks.

tags | advisory
SHA-256 | 503bdfea54b3c407f93c0b63aec2a9299e9a166be78fccd88fa09b78f8e79327
groupwarePassword.txt
Posted Jun 21, 2005
Authored by Securityteam

A Vulnerability exists in the Novell GroupWise Client that will allow an attacker to identify the id and password of the users GroupWise email account. Tested vulnerable versions: 6.5.2, 6.0, and 5.5.

tags | advisory
SHA-256 | 921c82b00c438750325e3b3be83c287e5afe618d7a5952803687192893b0636d
ISR-form-v1.0.tar.gz
Posted Jun 18, 2005
Authored by Francisco Amato | Site infobyte.com.ar

Simple html parsing tool that extracts all form related information and generates reports of the data. Allows for quick analyzing of data.

systems | unix
SHA-256 | 775fd1d04e6784cb43827f6833c3d84a21025eb24ec1d5d74d99f835e403ad60
ISR-siteprotector.txt
Posted Apr 18, 2005
Authored by Francisco Amato | Site infobyte.com.ar

Infobyte Security Research - Internet Security Systems SiteProtector is susceptible to a SQL injection vulnerability.

tags | advisory, sql injection
SHA-256 | 3636850a45049d289c0e445a2f236801060729106bcd68e90ef13802bc211eab
ISR-blackicefs.txt
Posted Apr 18, 2005
Authored by Francisco Amato | Site infobyte.com.ar

Infobyte Security Research - Internet Security Systems, RealSecure Desktop and BlackICE PC Protection are susceptible to a format string vulnerability.

tags | advisory
SHA-256 | c352cb5d6de0867080b0e4c7a99e36c4571ac6f69924224a9ab7bd87f543c114
ISR-blackicebo.txt
Posted Apr 18, 2005
Authored by Francisco Amato | Site infobyte.com.ar

Infobyte Security Research - Internet Security Systems, RealSecure Desktop and BlackICE PC Protection are susceptible to a local buffer overflow.

tags | advisory, overflow, local
SHA-256 | 8d58e114193e0e9a2634141ef46bec3f4e27d648d916ac5c5262fbb7e40fe817
ISR-ichainBrute.txt
Posted Mar 22, 2005
Authored by Francisco Amato | Site infobyte.com.ar

Infobyte Security Research - Novell iChain Mini FTP Server version 2.3 allows for brute force attacks.

tags | advisory, cracker
SHA-256 | a28f43bb0a444a7e603b1b3e6da5d9e04d4944ab47e69e1c01d092e90cb95db7
ISR-ichainInsecure.txt
Posted Mar 22, 2005
Authored by Francisco Amato | Site infobyte.com.ar

Infobyte Security Research - Novell iChain Mini FTP Server version 2.3 fails to securely pass credentials.

tags | advisory
SHA-256 | fec0d8c4d7f6ee1dcdea2167477ddacf854d314ce3a9d14fcc8a6e7dd66da471
ISR-ichain23path.txt
Posted Mar 22, 2005
Authored by Francisco Amato | Site infobyte.com.ar

Infobyte Security Research - Novell iChain Mini FTP Server version 2.3 has a full path disclosure flaw.

tags | advisory
SHA-256 | 7e1e53a664debf00564c2070380e704d87cba5cd08627ed0d71d778e6fcbdbe4
ISR-ichain23.txt
Posted Mar 22, 2005
Authored by Francisco Amato | Site infobyte.com.ar

Infobyte Security Research - Novell iChain Mini FTP Server version 2.3 fails to hide whether or not a user name is invalid on the server.

tags | advisory
SHA-256 | 25b8961783ed2d67cbb8fd8fb177f49a1fe914b3d069e2f495b42f076cb4cbf1
novell.txt
Posted Jan 19, 2005
Authored by Marc Ruef | Site computec.ch

The Novell GroupWise WebAccess error module handling has a flaw where a malicious attacker can circumvent the login procedure.

tags | advisory
SHA-256 | 098deb19fae7350013e47a4e4b102a3848621eb8b4d993db52f880dc69b73b5e
groupwise65.txt
Posted Aug 5, 2003
Authored by Adam Gray | Site novacoast.com

Novacoast Security Advisory - Novacoast has discovered that Novell GroupWise 6.5 Wireless Webaccess logs all usernames and passwords in clear text.

tags | advisory
SHA-256 | 73f94dfc0e4284cc8cbaf2c9688ddbad14ddec6437238d61c2b58e0ae32235bd
groupwise.6.0.1.txt
Posted Jul 30, 2002
Authored by Marco van Berkum | Site ws.obit.nl

Novell GroupWise Internet Agent 6.0.1 sp1 contains a buffer overflow in the smtp service which can be exploited over port 25. Tested on Novell NetWare 5.1 sp3. Fix available here.

tags | overflow
SHA-256 | a176e4e5a0799c3a71f7a3f6764dbd5dc8b33db8e6a3951197adf2671d937e12
winsd.021600.txt
Posted Feb 16, 2000
Authored by winsd | Site ntsecurity.net

Windows Security Digest - Contains Something Old, Something New: DNS Hijacking, Timbuktu Pro Denial of Service, SNMP Trap Watcher Denial of Service, Internet Anywhere DoS, Firewall-1 Allows Unauthorized TCP Connections, MySQL Allows Password Bypass, Novell GroupWise DoS, poll: What Will the Recent DDoS Attacks Lead to?, RSA Security Site Ransacked, Microsoft Outlines New Windows 2000 Security Strategy, and Why Deny Read Access To Executable Content?

tags | denial of service, tcp, magazine
systems | windows
SHA-256 | a0b70514856fc46ba9ccc75cadd8e80e0c93ce21ab1c975842178c1f48789536
groupwise.web.txt
Posted Dec 20, 1999
Authored by Sacha Faust Bourque

Two remote issues were found with the Novell Groupwise web server. The help argument will reveal the full path of the server, and any .htm file on the system may be read with GWWEB.EXE.

tags | exploit, remote, web
SHA-256 | 6e8012dff3fa95418285c4ea3cae3829f2c00f863699c100e3f2cc66339f2aa3
Page 4 of 4
Back1234Next

File Archive:

September 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    261 Files
  • 2
    Sep 2nd
    17 Files
  • 3
    Sep 3rd
    38 Files
  • 4
    Sep 4th
    52 Files
  • 5
    Sep 5th
    23 Files
  • 6
    Sep 6th
    27 Files
  • 7
    Sep 7th
    0 Files
  • 8
    Sep 8th
    1 Files
  • 9
    Sep 9th
    16 Files
  • 10
    Sep 10th
    38 Files
  • 11
    Sep 11th
    21 Files
  • 12
    Sep 12th
    40 Files
  • 13
    Sep 13th
    18 Files
  • 14
    Sep 14th
    0 Files
  • 15
    Sep 15th
    0 Files
  • 16
    Sep 16th
    21 Files
  • 17
    Sep 17th
    0 Files
  • 18
    Sep 18th
    0 Files
  • 19
    Sep 19th
    0 Files
  • 20
    Sep 20th
    0 Files
  • 21
    Sep 21st
    0 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close