Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:21877
HistoryMay 25, 2009 - 12:00 a.m.

Novell GroupWise Internet Agent Remote Buffer Overflow Vulnerabilities

2009-05-2500:00:00
vulners.com
76
JSON

VUPEN Security Research Advisory - VUPEN-SR-2009-01 // VUPEN-SR-2009-02

Advisory URL: http://www.vupen.com/english/advisories/2009/1393

May 22, 2009

I. BACKGROUND

Novell GroupWise is a complete collaboration software solution that
provides information workers with e-mail, calendaring, instant
messaging, task management, and contact and document management
functions. The leading alternative to Microsoft Exchange, GroupWise
has long been praised by customers and industry watchers for its
security and reliability.

http://www.novell.com/products/groupwise/

II. DESCRIPTION

VUPEN Security discovered two critical vulnerabilities affecting Novell
GroupWise 8.x and 7.x.

The first issue is caused due to a buffer overflow error in the Novell
GroupWise Internet Agent (GWIA) when processing specially crafted
email addresses via SMTP, which could be exploited by remote
unauthenticated attackers to execute arbitrary code with SYSTEM
privileges.

The second vulnerability is caused due to a buffer overflow error in
the Novell GroupWise Internet Agent (GWIA) when processing certain
SMTP requests, which could be exploited by remote unauthenticated
attackers to execute arbitrary code with SYSTEM privileges.

III. AFFECTED PRODUCTS

Novell GroupWise version 7.03 HP2 and prior
Novell GroupWise version 8.0.0 HP1 and prior

IV. Exploit Codes & PoC

Fully functional remote code execution exploit codes have been
developed by VUPEN Security and are available through the
VUPEN Exploits & PoCs Service.

http://www.vupen.com/exploits

V. SOLUTION

For GroupWise 7.x systems, apply GroupWise 7.03 Hot Patch 3 (HP3) or later

For GroupWise 8.0 systems, apply GroupWise 8.0 Hot Patch 2 (HP2) or later

VI. CREDIT

These vulnerabilities were discovered by Nicolas JOLY of VUPEN Security

VII. REFERENCES

http://www.vupen.com/english/advisories/2009/1393
http://www.novell.com/support/viewContent.do?externalId=7003273&sliceId=1
http://www.novell.com/support/viewContent.do?externalId=7003272&sliceId=1
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1636

VIII. DISCLOSURE TIMELINE

18/02/2009 - Vendor notified
18/02/2009 - Vendor response
21/05/2009 - Vendor issues fixed version
22/05/2009 - Coordinated public Disclosure

Related

saint 4
checkpoint_advisories 2
seebug 1
prion 1
nessus 1
cve 1
saint
saint
Novell GroupWise Internet Agent e-mail address buffer overflow
2009-06-05 00:00:00
Novell GroupWise Internet Agent e-mail address buffer overflow
2009-06-05 00:00:00
Novell GroupWise Internet Agent e-mail address buffer overflow
2009-06-05 00:00:00
checkpoint_advisories
checkpoint_advisories
Novell GroupWise Email Address Processing Buffer Overflow (CVE-2009-1636)
2009-09-17 00:00:00
Novell GroupWise Internet Agent AUTH LOGIN Command Buffer Overflow (CVE-2009-1636)
2010-01-31 00:00:00
seebug
seebug
Novell GroupWise Internet代理邮件地址处理缓冲区溢出漏洞
2009-05-25 00:00:00
prion
prion
Buffer overflow
2009-05-26 15:30:00
nessus
nessus
Novell GroupWise Internet Agent < 7.03 HP3 / 8.0 HP2 Multiple Buffer Overflows
2009-06-01 00:00:00
cve
cve
CVE-2009-1636
2009-05-26 15:30:00
JSON
Related for SECURITYVULNS:DOC:21877
saint4checkpoint_advisories2seebug1prion1nessus1cve1