| Vulnerability Name: | CVE-2001-1231 (CCN-6998) | ||||||||
| Assigned: | 2001-08-14 | ||||||||
| Published: | 2001-08-14 | ||||||||
| Updated: | 2017-10-10 | ||||||||
| Summary: | GroupWise 5.5 and 6 running in live remote or smart caching mode allows remote attackers to read arbitrary users' mailboxes by extracting usernames and passwords from sniffed network traffic, as addressed by the "Padlock" fix. | ||||||||
| CVSS v3 Severity: | 5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
| ||||||||
| CVSS v2 Severity: | 5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N)
| ||||||||
| Vulnerability Type: | CWE-Other | ||||||||
| Vulnerability Consequences: | Gain Privileges | ||||||||
| References: | Source: CCN Type: BugTraq Mailing List, Tue Aug 14 2001 - 21:39:06 CDT Fwd: Security Alert: Groupwise - Action Required Source: MITRE Type: CNA CVE-2001-1231 Source: CCN Type: Novell Support Web site Padlock Fix for GroupWise 5.5 Enhancement Pack and GroupWise 6 Users Source: CONFIRM Type: Patch, Vendor Advisory http://support.novell.com/padlock/details.htm Source: CCN Type: US-CERT VU#726891 Novell Groupwise contains protocol implementation vulnerability allowing email to be viewed by unauthorized user Source: CCN Type: OSVDB ID: 1929 Novell GroupWise Padlock Arbitrary Mailbox Read Source: BUGTRAQ Type: Patch, Vendor Advisory 20010814 Fwd: Security Alert: Groupwise - Action Required Source: BID Type: UNKNOWN 3189 Source: CCN Type: BID-3189 Novell GroupWise Padlock Vulnerability Source: XF Type: UNKNOWN novell-groupwise-admin-privileges(6998) Source: XF Type: UNKNOWN novell-groupwise-admin-privileges(6998) | ||||||||
| Vulnerable Configuration: | Configuration 1: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||
| BACK | |||||||||