• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Novell GroupWise Windows Client API Shared Folder Email Information Disclosure Vulnerability

Novell GroupWise Windows Client API is prone to an information-disclosure vulnerability. This issue affects the handling of shared folders.

Successfully exploiting this issue allows remote, authenticated attackers to gain access to non-shared email contained in a targeted user's mailbox. To exploit this issue, attackers must be permitted access to the shared folder of another user.

This issue affects Novell GroupWise 6.5 and 7. Previous versions may also be affected.