Detections
Analytics
Novell GroupWise MTA Web Console Accessible
high Nessus Plugin ID 35725
Language:
Synopsis
The remote web server allows unauthenticated access to administrative tools.Description
The remote web server is a Novell GroupWise MTA Web Console, used to monitor and potentially control a GroupWise MTA via a web browser.By allowing unauthenticated access, anyone may be able to do things such as discover the version of GroupWise installed on the remote host and its configuration, track GroupWise message traffic, or change the MTA's configuration settings.
Solution
Consult the GroupWise Administration Guide for information about restricting access to the MTA Web Console.See Also
http://www.novell.com/documentation/gw65/gw65_admin/data/a7xzvr1.html
http://www.novell.com/documentation/gw7/gw7_admin/data/a7xzvr1.html
http://www.novell.com/documentation/gw8/gw8_admin/data/a7xzvr1.html
Plugin Details
Severity: High
ID: 35725
File Name: groupwise_mta_http_accessible.nasl
Version: Revision: 1.10
Type: remote
Family: Web Servers
Published: 2/21/2009
Updated: 9/24/2015
Supported Sensors: Nessus
Risk Information
CVSS v2
Risk Factor: High
Base Score: 7.5
Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P