[13040] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: Groupewise Web Interface

daemon@ATHENA.MIT.EDU (satherrl@MAILPOINT.DSSRG.CURTIN.ED)
Tue Dec 21 17:13:41 1999

Mime-Version: 1.0
Content-Type: text/plain
Content-Transfer-Encoding: 8bit
Message-Id:  <199912211012.SAA54173@mailpoint.dssrg.curtin.edu.au>
Date:         Tue, 21 Dec 1999 18:12:27 +0800
Reply-To: satherrl@mailpoint.dssrg.curtin.edu.au
From: satherrl@MAILPOINT.DSSRG.CURTIN.EDU.AU
X-To:         bugtraq@securityfocus.com
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To:  <A39CA57849A9D1118A9C0060081695B00613D509@MULTI005>

Quoting Sacha Faust Bourque <sfaust@HARTCO.COM>:

> Problems found with GroupeWise web server ( Novell was contacted 3 weeks
> ago
> and no reply )
> -----------------------------------------------------------------
>
> 1. The help argument in GWWEB.EXE reveal full web path on the server
> 2. anyone can read a .htm file on the system with the GWWEB.EXE and the
> HELP
> argument.
>
> Example:
>
> 1. ( full web server path )
Oops, I just brought down a GroupWise server with
GWWEB.EXE?<very long string here>
whilst testing this.


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[13040] in bugtraq

Re: Groupewise Web Interface

daemon@ATHENA.MIT.EDU (satherrl@MAILPOINT.DSSRG.CURTIN.ED)Tue Dec 21 17:13:41 1999

daemon@ATHENA.MIT.EDU (satherrl@MAILPOINT.DSSRG.CURTIN.ED)
Tue Dec 21 17:13:41 1999