header-logo
Suggest Exploit
vendor:
Groupwise Servlet Gateway
by:
SecurityFocus
7.5
CVSS
HIGH
Default Credentials
522
CWE
Product Name: Groupwise Servlet Gateway
Affected Version From: Novell JVM for NetWare v1.1.7b
Affected Version To: NetWare Enterprise Web Server
Patch Exists: YES
Related CWE: CVE-2001-0753
CPE: a:novell:groupwise_servlet_gateway
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: NetWare
2001

Default Credentials

Novell Groupwise Servlet Gateway is vulnerable to an authentication bypass vulnerability due to the use of default credentials. An attacker can exploit this vulnerability by entering the default username “servlet” and password “manager” into the Servlet Manager interface.

Mitigation:

Users should change the default credentials for the Servlet Manager interface.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/3697/info

Novell Groupwise Servlet Gateway is a product that allows Java servlets to be run with NetWare, using Novell JVM for NetWare v1.1.7b and NetWare Enterprise Web Server.

A remote attacker may gain access to the Servlet Manager interface by entering the default username/password. The default username is "servlet" and the default password is "manager".

http://server/servlet/ServletManager
username servlet
password manager

Navigation

Suggest Exploit

Services By CQR