Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:10739
Category:Web application abuses
Title:Novell Web Server NDS Tree Browsing
Summary:The Novell Web Server default ndsobj.nlm CGI (LCGI) was; detected. This CGI allows browsing of the NDS Tree without any need for authentication.;; Gaining access to the NDS Tree reveals sensitive information to an attacker.
Description:Summary:
The Novell Web Server default ndsobj.nlm CGI (LCGI) was
detected. This CGI allows browsing of the NDS Tree without any need for authentication.

Gaining access to the NDS Tree reveals sensitive information to an attacker.

Solution:
Configure your Novell Web Server to block access to this CGI,
or delete it if you do not use it.

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Cross-Ref: BugTraq ID: 484
Common Vulnerability Exposure (CVE) ID: CVE-1999-1020
http://www.securityfocus.com/bid/484
Bugtraq: 19980918 NMRC Advisory - Default NDS Rights (Google Search)
http://marc.info/?l=bugtraq&m=90613355902262&w=2
XForce ISS Database: novell-nds(1364)
https://exchange.xforce.ibmcloud.com/vulnerabilities/1364
CopyrightCopyright (C) 2001 SecuriTeam

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2021 E-Soft Inc. All rights reserved.