Plugin 19228 reports the presence of a GroupWise WebAccess vulnerability
based on the version returned by the host's GroupWise program. The
vulnerability is present in versions lower than 6.5.5. The plugin checks
this page on the host -- /com/novell/webaccess/palm/en/aboutpqa.htm -- to
determine the GroupWise version.
I scanned a client who had upgraded GroupWise from 6.5 to 7.03. The
client verified that "all GroupWise modules are at 7.0.3 (POA, MTA,
GWIA, WebAccess)." However, "aboutpqa.htm" still reported the version as
"Program Release: 6.5.4" and Nessus thus identified the host as running
a vulnerable version of GroupWise WebAccess.
The "aboutpqa.htm" page is part of the GroupWise Web Clipping
Application (PQA), also referred to as a Palm Query Application, which
enables Palm OS* device users to access their mailboxes through
WebAccess.
The cross-site scripting vulnerability appears to be a flaw in the
GroupWise WebAccess program, not specifically the Palm Query
Application. Should I consider this vulnerability repaired by the
client's upgrade to WebAccess 7.0, or is it still there if the PQA
module is running version 6.5?
I wonder if the "aboutpqa.htm" page is the best place for the plugin to
look to determine the WebAccess version. It seems that the main program
can be upgraded without affecting that page.
Thank you,
Miriam
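
The version check described in the message above, as an added Python example; it is not part of the original post and is not the Nessus plugin's code. The sample page body, the function names and the result labels are constructed for illustration. It separates a finding where the page's banner and the administrator's stated version agree from one where they conflict, which is the case the post describes.

```python
import re

# From the post: versions lower than 6.5.5 are reported as vulnerable.
FIXED_IN = (6, 5, 5)
# From the post: the page advertises a string such as "Program Release: 6.5.4".
RELEASE_RE = re.compile(r"Program Release:\s*(\d+(?:\.\d+)*)")

def parse_version(text):
    """Turn '6.5.4' into (6, 5, 4); pad to three fields so 7.0 equals 7.0.0."""
    parts = [int(p) for p in text.strip().split(".")]
    return tuple(parts + [0] * (3 - len(parts)))

def banner_version(page_body):
    """Return the version the about page advertises, or None if absent."""
    match = RELEASE_RE.search(page_body)
    return parse_version(match.group(1)) if match else None

def triage(page_body, admin_reported):
    """Classify a banner-based finding against the admin-reported version.

    Labels (hypothetical, for this example only):
      no-banner          page carries no release string, nothing to compare
      not-flagged        banner is at or above the fixed version
      flagged-conflict   banner is old but the admin reports a fixed version;
                         the banner source may be stale, verify on the host
      flagged-consistent banner and admin report both predate the fix
    """
    banner = banner_version(page_body)
    if banner is None:
        return "no-banner"
    if banner >= FIXED_IN:
        return "not-flagged"
    if parse_version(admin_reported) >= FIXED_IN:
        return "flagged-conflict"
    return "flagged-consistent"

# Constructed sample body; the real page's markup is not shown in the post.
SAMPLE_PAGE = "<html><body><p>Program Release: 6.5.4</p></body></html>"

if __name__ == "__main__":
    print(triage(SAMPLE_PAGE, "7.0.3"))
```

A "flagged-conflict" result does not settle whether the host is vulnerable; it only marks the finding as resting on a version source that disagrees with the installed release.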