| Vulnerability Name: | CVE-2002-0341 (CCN-8311) | ||||||||
| Assigned: | 2002-02-28 | ||||||||
| Published: | 2002-02-28 | ||||||||
| Updated: | 2016-10-18 | ||||||||
| Summary: | GWWEB.EXE in GroupWise Web Access 5.5, and possibly other versions, allows remote attackers to determine the full pathname of the web server via an HTTP request with an invalid HTMLVER parameter. | ||||||||
| CVSS v3 Severity: | 5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
| ||||||||
| CVSS v2 Severity: | 5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N)
| ||||||||
| Vulnerability Type: | CWE-Other | ||||||||
| Vulnerability Consequences: | Obtain Information | ||||||||
| References: | Source: MITRE Type: CNA CVE-2002-0341 Source: BUGTRAQ Type: UNKNOWN 20020227 SecurityOffice Security Advisory:// Novell GroupWise Web Access Path Disclosure Vulnerability Source: CCN Type: OSVDB ID: 3414 Novell GroupWise GWWEB.EXE HTMLVER Web Server Path Disclosure Source: CCN Type: OSVDB ID: 722 Novell GroupWise Web Access Path Disclosure Source: CCN Type: BID-4206 Novell GroupWise Web Root Disclosure Vulnerability Source: CCN Type: SecurityOffice Security Advisory - February 28, 2002 Novell GroupWise Web Access Path Disclosure Vulnerability Source: XF Type: UNKNOWN groupwise-arg-path-disclosure(8311) | ||||||||
| Vulnerable Configuration: | Configuration 1: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||
| BACK | |||||||||