SSL: Groupwise Default Password
This signature detects HTTP connections to a Novell Groupwise servlet server using the default password. This password is published in Novell documentation and can be used to control the servlet services remotely.
Extended Description
Novell Groupwise Servlet Gateway is a product that allows Java servlets to be run with NetWare, using Novell JVM for NetWare v1.1.7b and NetWare Enterprise Web Server. A remote attacker may gain access to the Servlet Manager interface by entering the default username/password. The default username is "servlet" and the default password is "manager".
Affected Products
Novell groupwise_enhancement_pack
Short Name
SSL:DEFAULT-PW
Severity
Warning
Recommended
False
Recommended Action
None
Category
SSL
Keywords
CVE-2001-1195 Default Groupwise Password bid:3697
Release Date
01/27/2005
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
False Positive
Unknown
Vendors
Novell
CVSS Score
7.5