CVSS: 5.0EPSS: 1%CPEs: 9EXPL: 0CVE-2004-2336
https://notcve.org/view.php?id=CVE-2004-2336
Unknown vulnerability in Novell GroupWise and GroupWise WebAccess 6.0 through 6.5, when running with Apache Web Server 1.3 for NetWare where Apache is loaded using GWAPACHE.CONF, allows remote attackers to read directories and files on the server. • http://secunia.com/advisories/11119 http://support.novell.com/cgi-bin/search/searchtid.cgi?/10091330.htm http://www.securityfocus.com/bid/9864 http://www.securitytracker.com/alerts/2004/Mar/1009417.html https://exchange.xforce.ibmcloud.com/vulnerabilities/15467 •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2004-2579
https://notcve.org/view.php?id=CVE-2004-2579
ACLCHECK module in Novell iChain 2.3 allows attackers to bypass access control rules of an unspecified component via an unspecified attack vector involving a string that contains escape sequences represented with "overlong UTF-8 encoding." • http://secunia.com/advisories/12366 http://securitytracker.com/id?1011074 http://support.novell.com/cgi-bin/search/searchtid.cgi?2972080.htm http://www.osvdb.org/9266 http://www.securityfocus.com/bid/11061 https://exchange.xforce.ibmcloud.com/vulnerabilities/17132 •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2004-2581
https://notcve.org/view.php?id=CVE-2004-2581
Novell iChain 2.3 allows attackers to cause a denial of service via a URL with a "specific string." • http://secunia.com/advisories/12366 http://securitytracker.com/id?1011074 http://support.novell.com/cgi-bin/search/searchtid.cgi?2972080.htm http://www.osvdb.org/9268 http://www.securityfocus.com/bid/11061 https://exchange.xforce.ibmcloud.com/vulnerabilities/17134 •
CVSS: 5.0EPSS: 1%CPEs: 1EXPL: 0CVE-2004-2582
https://notcve.org/view.php?id=CVE-2004-2582
Novell iChain 2.3 includes the build number in the VIA line of the proxy server's HTTP headers, which allows remote attackers to obtain sensitive information. • http://secunia.com/advisories/12366 http://securitytracker.com/id?1011074 http://support.novell.com/cgi-bin/search/searchtid.cgi?2972080.htm http://www.osvdb.org/9269 http://www.securityfocus.com/bid/11061 https://exchange.xforce.ibmcloud.com/vulnerabilities/17135 •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2004-2103
https://notcve.org/view.php?id=CVE-2004-2103
Cross-site scripting (XSS) vulnerability in Novell NetWare Enterprise Web Server 5.1 and 6.0 allows remote attackers to process arbitrary script or HTML as other users via (1) a malformed request for a Perl program with script in the filename, (2) the User.id parameter to the webacc servlet, (3) the GWAP.version parameter to webacc, or (4) a URL request for a .bas file with script in the filename. • http://marc.info/?l=bugtraq&m=107487862304440&w=2 http://support.novell.com/cgi-bin/search/searchtid.cgi?/10091529.htm http://www.osvdb.org/4949 https://exchange.xforce.ibmcloud.com/vulnerabilities/14919 •