fkie_cve-2008-1330
Vulnerability from fkie_nvd
Published
2008-03-18 17:44
Modified
2025-04-09 00:30
Severity ?
Summary
Unspecified vulnerability in the Windows client API in Novell GroupWise 7 before SP3 and 6.5 before SP6 Update 3 allows remote authenticated users to access the non-shared stored e-mail messages of another user who has shared at least one folder with the attacker.
References
cve@mitre.orghttp://secunia.com/advisories/29409Vendor Advisory
cve@mitre.orghttp://securitytracker.com/id?1019616
cve@mitre.orghttp://www.securityfocus.com/bid/28265
cve@mitre.orghttp://www.vupen.com/english/advisories/2008/0904
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/41223
cve@mitre.orghttps://secure-support.novell.com/KanisaPlatform/Publishing/732/3263374_f.SAL_Public.htmlPatch
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/29409Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1019616
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/28265
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2008/0904
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/41223
af854a3a-2127-422b-91ae-364da2661108https://secure-support.novell.com/KanisaPlatform/Publishing/732/3263374_f.SAL_Public.htmlPatch
Impacted products
Vendor Product Version
novell groupwise 6.5
novell groupwise 6.5
novell groupwise 6.5
novell groupwise 6.5
novell groupwise 6.5
novell groupwise 6.5
novell groupwise 6.5
novell groupwise 6.5.2
novell groupwise 6.5.3
novell groupwise 6.5.4
novell groupwise 6.5.6
novell groupwise 6.5.7
novell groupwise 6.5_sp6_update_1
novell groupwise 7.0
novell groupwise 7.0.0
novell groupwise 7.0.0


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:novell:groupwise:6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "2AD18143-9962-4C0D-AD3D-66C0CF3FB5D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:novell:groupwise:6.5:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "08A78BE7-6426-41CD-BBAF-9BB951726D33",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:novell:groupwise:6.5:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "E50599E1-45E5-443F-AAEC-F91778CA4792",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:novell:groupwise:6.5:sp3:*:*:*:*:*:*",
              "matchCriteriaId": "F0BB62B7-C895-4AB6-9CEB-4B312E334953",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:novell:groupwise:6.5:sp4:*:*:*:*:*:*",
              "matchCriteriaId": "A91EAC4C-8EEE-4050-B1AD-E677AD90327D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:novell:groupwise:6.5:sp5:*:*:*:*:*:*",
              "matchCriteriaId": "C7F65030-60A2-4EC2-A06D-EC5249FD9FA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:novell:groupwise:6.5:sp6:*:*:*:*:*:*",
              "matchCriteriaId": "8CB8A6AD-94E4-4871-9BCA-EC637161E70D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:novell:groupwise:6.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "814CAE15-78D8-4205-AC95-E07385A7B3DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:novell:groupwise:6.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "251EAE31-9799-453A-ABF7-F3D1C6602A81",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:novell:groupwise:6.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "32AFA45E-7EA4-4067-BDB5-AB4391B3FE65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:novell:groupwise:6.5.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B8BA202-8147-4837-8C14-C7A60E70EFEE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:novell:groupwise:6.5.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D61CB70-5B89-4D12-AA31-9C4BF9A41813",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:novell:groupwise:6.5_sp6_update_1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7488A4DC-3A7E-4492-9EC7-2443CEB18E58",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:novell:groupwise:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE640E9A-762B-4AF4-8677-818CBF16EA4E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:novell:groupwise:7.0.0:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "422F4B8A-8133-4DE2-9749-41E3DE0031DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:novell:groupwise:7.0.0:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "DD25DC76-F3BE-4A0E-86DC-D27F4948446E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Unspecified vulnerability in the Windows client API in Novell GroupWise 7 before SP3 and 6.5 before SP6 Update 3 allows remote authenticated users to access the non-shared stored e-mail messages of another user who has shared at least one folder with the attacker."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad sin especificar en Windows client API de Novell GroupWise 7 antes de SP3 y 6.5 antes de SP6 Update 3 permite a usuarios remotamente autentificados acceder a los emails no compartidos almacenados de otro usuario que haya compartido al menos una carpeta con el atacante."
    }
  ],
  "id": "CVE-2008-1330",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "NONE",
          "baseScore": 3.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:S/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 6.8,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2008-03-18T17:44:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/29409"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1019616"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/28265"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2008/0904"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41223"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "https://secure-support.novell.com/KanisaPlatform/Publishing/732/3263374_f.SAL_Public.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/29409"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1019616"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/28265"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/0904"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41223"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://secure-support.novell.com/KanisaPlatform/Publishing/732/3263374_f.SAL_Public.html"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-200"
        },
        {
          "lang": "en",
          "value": "CWE-264"
        },
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.