CVE-2001-1458

N/A Unknown

Published: October 15, 2001 Modified: April 16, 2026

Description

Directory traversal vulnerability in Novell GroupWise 5.5 and 6.0 allows remote attackers to read arbitrary files via a request for /servlet/webacc?User.html= that contains "../" (dot dot) sequences and a null character.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://online.securityfocus.com/archive/1/220667

Source: cve@mitre.org

http://support.novell.com/servlet/tidfinder/2960443

Source: cve@mitre.org

http://www.foundstone.com/index.htm?subnav=resources/navigation.htm&subcontent=/resources/advisories_template.htm%3Findexid%3D12

Source: cve@mitre.org

Exploit

http://www.kb.cert.org/vuls/id/341539

Source: cve@mitre.org

US Government Resource

http://www.novell.com/coolsolutions/gwmag/features/a_webaccess_security_gw.html

Source: cve@mitre.org

http://www.securityfocus.com/bid/3436

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/7287

Source: cve@mitre.org

http://online.securityfocus.com/archive/1/220667