• info
• discussion
• exploit
• solution
• references

Novell Groupwise Arbitrary File Retrieval Vulnerability

Solution:
A vendor supplied patch is available:


Novell Groupwise Enhancement Pack 5.5

• Novell Novell Groupwise WebAccess fix 5.5 & 6.0
  Novell has released a self extracting file with a replacement JAR file containing a new WebAccess servlet.
  http://support.novell.com/servlet/tidfinder/2960443

Novell Groupwise 6.0

• Novell Novell Groupwise WebAccess fix 5.5 & 6.0
  Novell has released a self extracting file with a replacement JAR file containing a new WebAccess servlet.
  http://support.novell.com/servlet/tidfinder/2960443