Groupwise web server GWWEB.EXE allows remote malicious users to read arbitrary files with .htm extensions via a .. (dot dot) attack using the HELP parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
novell groupwise 5.5 |
||
netscape enterprise server 3.0.7a |
||
novell groupwise 5.2 |