The WebAccess component in Novell GroupWise 7.x before 7.03 HP3 and 8.x before 8.0 HP2 does not properly implement session management mechanisms, which allows remote attackers to gain access to user accounts via unspecified vectors.
https://exchange.xforce.ibmcloud.com/vulnerabilities/50688
https://bugzilla.novell.com/show_bug.cgi?id=472979
http://www.vupen.com/english/advisories/2009/1393
http://www.securityfocus.com/bid/35066
http://www.novell.com/support/viewContent.do?externalId=7003266&sliceId=1