it seems Marc Ruef of "Attack Tool Kit" fame has discovered authentication can be bypassed in novell groupwise webaccess by using a $QUERY_STRING variant error to name another error page.

Read all about it