Novell GroupWise Windows Client Arbitrary Email Access
Medium Nessus Plugin ID 22003
SynopsisThe remote Windows host contains a mail client that may allow unauthorized access to email messages.
DescriptionThe remote host is running GroupWise, an enterprise-class collaboration application from Novell.
The version of GroupWise installed on the remote host contains a flaw in the client API that may allow a user to bypass security controls and gain access to non-authorized email within the same authenticated post office.
SolutionUpgrade to GroupWise 6.5 SP6 Update 1 / 7 SP1 or later.