CVE-2004-2104 - Jowliest Save

Description

Novell NetWare Enterprise Web Server 5.1 and 6.0 allows remote attackers to obtain sensitive server information including the internal IP address via a direct request to (1) snoop.jsp (2) SnoopServlet (3) env.bas or (4) lcgitest.nlm.

Reference

http://secunia.com/advisories/10711 http://www.securityfocus.com/bid/9479 http://www.osvdb.org/3715 http://www.osvdb.org/3720 http://www.osvdb.org/3721 http://www.osvdb.org/3722 http://www.osvdb.org/4952 http://marc.info/?l=bugtraq&m=107487862304440&w=2 https://exchange.xforce.ibmcloud.com/vulnerabilities/14921