Exploit: The following commands can be issued by a client connected to a NetWare 4.x or IntranetWare server, revealing most if not all user account names, in addition to most of if not the entire tree layout. CX /T /A /R - list all readable user and container object names in tree, and can give a rather accurate layout of the containers and basic contents NLIST USER /D - list info regarding user names in current context NLIST GROUPS /D - list groups and group membership in current context NLIST SERVER /D - list server names and OS versions, and if attached reveal if accounting is installed or not NLIST /OT=* /DYN /D - list all readable objects, including dynamic objects, names of NDS trees, etc