10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.509 Medium
EPSS
Percentile
97.5%
Added: 06/05/2009
CVE: CVE-2009-1636
BID: 35064
OSVDB: 54645
Novell GroupWise is an e-mail and collaboration product suite.
A buffer overflow vulnerability allows a remote attacker to execute arbitrary commands by sending a message containing a specially crafted e-mail address to the SMTP service.
Apply GroupWise 7.03 Hot Patch 3 or 8.0 Hot Patch 2.
<http://www.novell.com/support/viewContent.do?externalId=7003273>
Exploit works on Novell GroupWise 7.03. After running this exploit, there may be a delay before the shell connection is established.
Windows 2000