Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2012-2018 Tenable Network Security, Inc.GROUPWISE_IA_803_HP1.NASL
HistorySep 24, 2012 - 12:00 a.m.

Novell GroupWise Internet Agent 8.x <= 8.0.2 HP3 / 12.x < 12.0.1 Multiple Vulnerabilities

2012-09-2400:00:00
This script is Copyright (C) 2012-2018 Tenable Network Security, Inc.
www.tenable.com
15
JSON

The version of Novell GroupWise Internet Agent running on the remote host is 8.x less than or equal to 8.0.2 HP3, or 12.x earlier than 12.0.1. As such, it is potentially affected by multiple vulnerabilities :

  • A heap-based buffer overflow vulnerability exists when parsing requests to the web-based admin interface with a specially crafted Content-Length header.

  • Multiple vulnerabilities exist in the bundled Oracle ‘Outside In’ viewer technology.

By exploiting these flaws, a remote, unauthenticated attacker could execute arbitrary code on the remote host subject to the privileges of the user running the affected application.

#
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

if (description)
{
  script_id(62283);
  script_version("1.13");
  script_cvs_date("Date: 2018/11/15 20:50:27");
 
  script_cve_id(
    "CVE-2012-0271",
    "CVE-2012-1766",
    "CVE-2012-1767",
    "CVE-2012-1768",
    "CVE-2012-1769",
    "CVE-2012-1770",
    "CVE-2012-1771",
    "CVE-2012-1772",
    "CVE-2012-1773",
    "CVE-2012-3106",
    "CVE-2012-3107",
    "CVE-2012-3108",
    "CVE-2012-3109",
    "CVE-2012-3110"
  );
  script_bugtraq_id(
    54497,
    54500,
    54504,
    54506,
    54511,
    54531,
    54536,
    54541,
    54543,
    54546,
    54548,
    54550,
    54554,
    55551
  );

  script_name(english:"Novell GroupWise Internet Agent 8.x <= 8.0.2 HP3 / 12.x < 12.0.1 Multiple Vulnerabilities");
  script_summary(english:"Checks GWIA version");
 
  script_set_attribute(attribute:"synopsis", value:
"The remote Windows host has an application that is affected by a buffer
overflow vulnerability.");
  script_set_attribute(attribute:"description", value:
"The version of Novell GroupWise Internet Agent running on the remote
host is 8.x less than or equal to 8.0.2 HP3, or 12.x earlier than 
12.0.1.  As such, it is potentially affected by multiple 
vulnerabilities :

  - A heap-based buffer overflow vulnerability exists when
    parsing requests to the web-based admin interface with
    a specially crafted Content-Length header. 

  - Multiple vulnerabilities exist in the bundled Oracle 
    'Outside In' viewer technology.

By exploiting these flaws, a remote, unauthenticated attacker could 
execute arbitrary code on the remote host subject to the privileges of
the user running the affected application.");
  script_set_attribute(attribute:"see_also", value:"https://support.microfocus.com/kb/doc.php?id=7010769");
  script_set_attribute(attribute:"solution", value:"Update GWIA to version 8.0.3 Hot Patch 1, 12.0.1, or later.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"exploithub_sku", value:"EH-12-497");
  script_set_attribute(attribute:"exploit_framework_exploithub", value:"true");
  script_set_attribute(attribute:"exploited_by_malware", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2012/09/14");
  script_set_attribute(attribute:"patch_publication_date", value:"2012/09/14");
  script_set_attribute(attribute:"plugin_publication_date", value:"2012/09/24");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe",value:"cpe:/a:novell:groupwise");
  script_end_attributes();
 
  script_category(ACT_GATHER_INFO);
  script_family(english:"Windows");

  script_copyright(english:"This script is Copyright (C) 2012-2018 Tenable Network Security, Inc.");

  script_dependencies("smb_enum_services.nasl", "groupwise_ia_detect.nasl");
  script_require_keys("SMB/GWIA/Version");

  exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("smb_func.inc");

version = get_kb_item_or_exit("SMB/GWIA/Version");
path = get_kb_item_or_exit("SMB/GWIA/Path");

# Unless we're paranoid, make sure the service is running.
if (report_paranoia < 2)
{
  status = get_kb_item_or_exit("SMB/svc/GWIA");
  if (status != SERVICE_ACTIVE)
    exit(0, "The GroupWise Internet Agent service is installed but not active.");
}

if (version =~ '^8\\.' && ver_compare(ver:version, fix:'8.0.2.16933') <= 0)
  fixed_version = '8.0.3.23395';
else if (version =~ '^12\\.' && ver_compare(ver:version, fix:'12.0.1.13731') == -1)
  fixed_version = '12.0.1.13731';

# Check the version number.
if (fixed_version);
{
  if (report_verbosity > 0)
  {
    report =
      '\n  Path              : ' + path +
      '\n  Installed version : ' + version +
      '\n  Fixed version     : ' + fixed_version + '\n';
    security_hole(port:get_kb_item("SMB/transport"), extra:report);
  }
  else security_hole(get_kb_item("SMB/transport"));
  exit(0);
}
audit (AUDIT_INST_PATH_NOT_VULN, 'GroupWise Internet Agent', version, path);
VendorProductVersionCPE
novellgroupwisecpe:/a:novell:groupwise

Related

securityvulns 3
nessus 5
mskb 2
cert 1
openvas 4
prion 14
cve 14
cvelist 14
checkpoint_advisories 2
ubuntucve 1
oracle 1
securityvulns
securityvulns
Microsoft Exchange Server WebReady Document Viewing multiple security vulnerabilities
2012-08-20 00:00:00
Microsoft Fast Search Server vulnerabilities
2012-10-09 00:00:00
Oracle / Sun / People Soft / MySQL applications multiple security vulnerabilities
2012-10-28 00:00:00
nessus
nessus
Symantec Enterprise Vault < 10.0.2 Multiple Vulnerabilities in Oracle Outside-In Libraries (SYM12-015)
2012-10-09 00:00:00
MS12-058: Vulnerabilities in Microsoft Exchange Server WebReady Document Viewing Could Allow Remote Code Execution (2740358)
2012-08-15 00:00:00
MS12-067: Vulnerabilities in FAST Search Server 2010 for SharePoint Parsing Could Allow Remote Code Execution (2742321)
2012-10-10 00:00:00
mskb
mskb
MS12-058: Vulnerability in Microsoft Exchange Server WebReady document viewing could allow remote code execution: August 14, 2012
2012-08-14 00:00:00
MS12-067: Vulnerability in FAST Search Server 2010 for SharePoint parsing could allow remote code execution: October 9, 2012
2012-10-09 00:00:00
cert
cert
Oracle Outside In contains multiple exploitable vulnerabilities
2012-07-17 00:00:00
openvas
openvas
Microsoft FAST Search Server 2010 for SharePoint RCE Vulnerabilities (2742321)
2012-10-10 00:00:00
Microsoft FAST Search Server 2010 for SharePoint RCE Vulnerabilities (2742321)
2012-10-10 00:00:00
MS Exchange Server WebReady Document Viewing Remote Code Execution Vulnerabilities (2740358)
2012-08-15 00:00:00
prion
prion
Buffer overflow
2012-07-17 23:55:00
Buffer overflow
2012-07-17 23:55:00
Buffer overflow
2012-07-17 23:55:00
cve
cve
CVE-2012-1771
2012-07-17 23:55:00
CVE-2012-1772
2012-07-17 23:55:00
CVE-2012-1766
2012-07-17 23:55:00
cvelist
cvelist
CVE-2012-1771
2012-07-17 22:39:00
CVE-2012-3108
2012-07-17 22:39:00
CVE-2012-1767
2012-07-17 22:39:00
checkpoint_advisories
checkpoint_advisories
Novell GroupWise Internet Agent Content-length Integer Overflow (CVE-2012-0271)
2012-11-18 00:00:00
Oracle Outside In JPEG 2000 QCD Segment Processing Heap Buffer Overflow (CVE-2012-1769)
2012-10-14 00:00:00
ubuntucve
ubuntucve
CVE-2012-1798
2012-03-29 00:00:00
oracle
oracle
Oracle Critical Patch Update - July 2012
2012-07-17 00:00:00
JSON
Related for GROUPWISE_IA_803_HP1.NASL
securityvulns3nessus5mskb2cert1openvas4prion14cve14cvelist14checkpoint_advisories2ubuntucve1oracle1