Arbitrary File Read/Write Vulnerability in Novell GroupWise 2014 Administration Service

CVE-2014-0600

FileUploadServlet in the Administration service in Novell GroupWise 2014 before SP1 allows remote attackers to read or write to arbitrary files via the poLibMaintenanceFileSave parameter, aka ZDI-CAN-2287.

Learn more about our Cis Benchmark Audit For Ibm I.