CVE-2001-1231

Novell GroupWise 5.5 and 6 - Unauthenticated Credential Exposure via Network Traffic Sniffing

Title source: llm
STIX 2.1

Description

GroupWise 5.5 and 6 running in live remote or smart caching mode allows remote attackers to read arbitrary users' mailboxes by extracting usernames and passwords from sniffed network traffic, as addressed by the "Padlock" fix.

References (4)

Core 4
Core References
Patch, Vendor Advisory mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/204672
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/3189
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/6998
Patch, Vendor Advisory x_refsource_confirm
http://support.novell.com/padlock/details.htm

Scores

EPSS 0.0705
EPSS Percentile 91.6%

Details

Status published
Products (2)
novell/groupwise 5.5
novell/groupwise 6.0
Published Aug 14, 2001
Tracked Since Feb 18, 2026