Added: 04/20/2006
CVE: CVE-2006-0992
BID: 17503
OSVDB: 24617
Novell GroupWise includes the Messaging Agent which offers an HTTP service on port 8300/TCP.
A buffer overflow in the Messaging Agent allows remote attackers to execute commands by sending a long, specially crafted **Accept-Language**
header in an HTTP request.
Apply the fix referenced in Novell Technical Information Document 10100861.
<http://archives.neohapsis.com/archives/fulldisclosure/2006-04/0264.html>
Exploit works on Novell GroupWise Messenger Server 2.0.
Windows