Plugin 19228 reports the presence of a GroupWise WebAccess vulnerability based on the version returned by the host's GroupWise program. The vulnerability is present in versions lower than 6.5.5. The plugin checks this page on the host -- /com/novell/webaccess/palm/en/aboutpqa.htm - to determine the GroupWise version.
I scanned a client who had upgraded GroupWise from 6.5 to 7.03. The client verified that "all GroupWise modules are at 7.0.3 (POA, MTA, GWIA, WebAccess)." However, "aboutpqa.htm" still reported the version as "Program Release: 6.5.4" and Nessus thus identified the host as running a vulnerable version of GroupWise WebAccess. The "aboutpqa.htm" page is part of the GroupWise Web Clipping Application (PQA), also referred to as a Palm Query Application, which enables Palm OS* device users to access their mailboxes through WebAccess. The cross-site scripting vulnerability appears to be a flaw in the GroupWise WebAccess program, not specifically the Palm Query Application. Should I consider this vulnerability repaired by the client's upgrade to WebAccess 7.0, or is it still there if the PQA module is running version 6.5? I wonder if the "aboutpqa.htm" page is the best place for the plugin to look to determine the WebAccess version. It seems that the main program can be upgraded without affecting that page. Thank you, Miriam
_______________________________________________ Nessus mailing list [email protected] http://mail.nessus.org/mailman/listinfo/nessus
