Nessus Plugin #12122
Plugin Index
Note: This file has been created from a
downloaded version of the Nessus Plugins
from
http://www.nessus.org/.
Therefore, the information here can be outdated.
Novell Groupwise Servlet Manager default password
- Family:
- Netware
- Category:
- infos
- Copyright:
- This script is Copyright (C) 2004 David Kyger
- Summary:
- Checks for Netware servlet server default password
- Version:
- $Revision: 1.2 $
- Cve_id:
- CAN-2001-1195
- Bugtraq_id:
- 3697
- Xrefs:
- -
- Description:
The Novell Groupwise servlet server is configured with the default password.
As a result, users could be denied access to mail and other servlet
based resources.
To test this finding:
https://<host>/servlet/ServletManager/
enter 'servlet' for the user and 'manager' for the password.
Solution: Change the default password
Edit SYS:\JAVA\SERVLETS\SERVLET.PROPERTIES
change the username and password in this section
servlet.ServletManager.initArgs=datamethod=POST,user=servlet,password=manager,bgcolor
See also: http://www.securityfocus.com/bid/3697
Risk factor : Medium
Generiert am 27.04.2005 um 18:49:54 Uhr.