Published: 31/12/2004 Updated: 30/10/2018

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

VMScore: 515

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Novell NetWare Enterprise Web Server 5.1 and 6.0 allows remote malicious users to obtain sensitive server information, including the internal IP address, via a direct request to (1) snoop.jsp, (2) SnoopServlet, (3) env.bas, or (4) lcgitest.nlm.

Vulnerable Product	Search on Vulmon	Subscribe to Product
novell netware 5.1
novell netware 6.0

source: wwwsecurityfocuscom/bid/9479/info Multiple vulnerabilities have been identified in Novell Netware Enterprise Web Server that may allow an attacker to carry out cross-site scripting attacks, disclose sensitive information, and load potentially malicious files on a vulnerable server wwwexamplecom/examples/jsp/snp/snoop ...

source: wwwsecurityfocuscom/bid/9479/info Multiple vulnerabilities have been identified in Novell Netware Enterprise Web Server that may allow an attacker to carry out cross-site scripting attacks, disclose sensitive information, and load potentially malicious files on a vulnerable server wwwexamplecom/servlet/SnoopServlet ...

source: wwwsecurityfocuscom/bid/9479/info Multiple vulnerabilities have been identified in Novell Netware Enterprise Web Server that may allow an attacker to carry out cross-site scripting attacks, disclose sensitive information, and load potentially malicious files on a vulnerable server wwwexamplecom/nsn/"<script%20langua ...

NVD-CWE-Other http://secunia.com/advisories/10711 http://www.securityfocus.com/bid/9479 http://www.osvdb.org/3715 http://www.osvdb.org/3720 http://www.osvdb.org/3721 http://www.osvdb.org/3722 http://www.osvdb.org/4952 http://marc.info/?l=bugtraq&m=107487862304440&w=2 https://exchange.xforce.ibmcloud.com/vulnerabilities/14921 https://nvd.nist.gov https://www.exploit-db.com/exploits/23587/

CVE-2004-2104

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect