CVE-2012-0419
published 2012-09-28
Priority: P3 (49) | medium | 5 (CVSS 2.0)
AV:N/AC:L/Au:N/C:P/I:N/A:N
EXPLOIT
EPSS: 41.84% (98.5th percentile)
Directory traversal vulnerability in the agent HTTP interfaces in Novell GroupWise 8.0 before Support Pack 3 and 2012 before Support Pack 1 allows remote attackers to read arbitrary files via directory traversal sequences in a request.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| novell | groupwise | — | — |
| novell | groupwise | — | — |
| novell | groupwise | — | — |
| novell | groupwise | — | — |
| novell | groupwise | — | — |
Detection & IOCs (extracted from sources)
- Monitor HTTP requests to Novell GroupWise agent HTTP interfaces (Post Office Agent and Message Transfer Agent web interfaces) containing directory traversal sequences (e.g., '../' or URL-encoded equivalents) in the URI path.
- Flag inbound HTTP GET requests to GroupWise agent ports containing repeated '../' or '%2e%2e%2f' sequences traversing beyond the web root, particularly targeting OS files such as win.ini or /etc/passwd.
- This vulnerability is exploitable remotely without authentication; alert on unauthenticated HTTP requests to GroupWise agent HTTP listener ports containing traversal patterns.
- Affected versions are Novell GroupWise 8.0 before Support Pack 3 and GroupWise 2012 before Support Pack 1. Patched versions are not vulnerable; ensure SP3 (GW 8.0) or SP1 (GW 2012) or later is applied before relying solely on network detection.
- Metasploit module was tested on Novell GroupWise 8.02 HP2 over Windows 2003 SP2; behavior or traversal depth may differ on other OS platforms (e.g., Linux-hosted GroupWise).
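One way to implement the checks in the bullets above, as an added example that is not part of the original page or of any vendor tooling: it percent-decodes each request path until stable and flags only paths that climb above the web root, so a benign `/help/../help/` is not alerted on. The "src method uri" log format, the sample lines, and all function names are constructed for illustration.

```python
from urllib.parse import unquote

MAX_DECODE_ROUNDS = 3  # assumption: enough rounds to unwrap nested percent-encoding
SENSITIVE_TARGETS = ("win.ini", "etc/passwd")  # OS files named in the bullets above

# Constructed sample lines in a hypothetical "src method uri" format;
# real GroupWise agent or proxy logs will need their own parser.
SAMPLE_LOG = [
    "192.0.2.10 GET /help/index.htm",
    "192.0.2.10 GET /help/../help/index.htm",
    "198.51.100.7 GET /../../../../windows/win.ini",
    "198.51.100.7 GET /help/%2e%2e%2f%2e%2e%2f%2e%2e%2fetc/passwd",
    "198.51.100.9 GET /%252e%252e%255cwindows%255cwin.ini",
]

def fully_decode(path):
    """Percent-decode until stable so nested encodings collapse to '../'."""
    for _ in range(MAX_DECODE_ROUNDS):
        decoded = unquote(path)
        if decoded == path:
            break
        path = decoded
    return path.replace("\\", "/")  # treat backslash as a separator too

def escapes_root(uri):
    """True if '..' segments ever outnumber the directories entered so far."""
    depth = 0
    for segment in fully_decode(uri.split("?", 1)[0]).split("/"):
        if segment in ("", "."):
            continue
        depth += -1 if segment == ".." else 1
        if depth < 0:
            return True
    return False

def scan(lines):
    """Return one alert dict per line whose URI path leaves the web root."""
    alerts = []
    for line in lines:
        src, _method, uri = line.split(maxsplit=2)
        if escapes_root(uri):
            decoded = fully_decode(uri).lower()
            hits = [t for t in SENSITIVE_TARGETS if t in decoded]
            alerts.append({"src": src, "uri": uri, "targets": hits})
    return alerts

if __name__ == "__main__":
    for alert in scan(SAMPLE_LOG):
        print(alert)
```

Only the URI path is inspected, matching the guidance above; the query string is discarded before the depth check.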
No detection rules found.
No writeups or analysis indexed.
- http://archives.neohapsis.com/archives/bugtraq/2012-09/0106.html
- http://download.novell.com/Download?buildid=O5hTjIiMdMo~
- http://seclists.org/fulldisclosure/2012/Sep/161
- http://www.novell.com/support/kb/doc.php?id=7010772
- https://bugzilla.novell.com/show_bug.cgi?id=756330
- https://bugzilla.novell.com/show_bug.cgi?id=756924