-
Novell GroupWise Client gwcls1.dll ActiveX Remote Code Execution
Disclosure Date: 2013-01-30First seen: 2020-04-26exploit/windows/browser/novell_groupwise_gwcls1_actvxThis module exploits a vulnerability in the Novell GroupWise Client gwcls1.dll ActiveX. Several methods in the GWCalServer control use user provided data as a pointer, which allows to read arbitrary memory and execute arbitrary code. This module has been tested successfully with GroupWise Client 2012 on IE6 - IE9. The JRE6 needs to be installed to achieve ASLR bypass. Authors: - rgod <rgod@autistici.org> - juan vazquez <juan.vazquez@metasploit.com> -
Novell Groupwise Agents HTTP Directory Traversal
First seen: 2020-04-26auxiliary/scanner/http/groupwise_agents_http_traversalThis module exploits a directory traversal vulnerability in Novell Groupwise. The vulnerability exists in the web interface of both the Post Office and the MTA agents. This module has been tested successfully on Novell Groupwise 8.02 HP2 over Windows 2003 SP2. Authors: - r () b13$ - juan vazquez <juan.vazquez@metasploit.com>
2 metasploit modules found
Please note: Metasploit modules are only matched by CVE numbers.
Visit metasploit web site for more details