Lucene search
K

5 matches found

Saint
Saint
added 2007/04/25 12:0 a.m.31 views

Novell GroupWise WebAccess base64_decode buffer overflow

Added: 04/25/2007 CVE: CVE-2007-2171 BID: 23556 OSVDB: 35018 Background Novell GroupWise includes a WebAccess service which allows users to access their e-mail using a web browser. Problem A buffer overflow in the base64decode function allows remote attackers to execute arbitrary commands by...

10CVSS7.9AI score0.24332EPSS
Exploits5
Saint
Saint
added 2007/04/25 12:0 a.m.31 views

Novell GroupWise WebAccess base64_decode buffer overflow

Added: 04/25/2007 CVE: CVE-2007-2171 BID: 23556 OSVDB: 35018 Background Novell GroupWise includes a WebAccess service which allows users to access their e-mail using a web browser. Problem A buffer overflow in the base64decode function allows remote attackers to execute arbitrary commands by...

10CVSS7.9AI score0.24332EPSS
Exploits5
canvas
canvas
added 2007/04/24 8:19 p.m.50 views

Immunity Canvas: GROUPWISE_WEBACCESS

Name| groupwisewebaccess ---|--- CVE| CVE-2007-2171 Exploit Pack| CANVAS Description| Novell GroupWise WebAccess Base64 Decoding Stack Overflow Notes| CVE Name: CVE-2007-2171 VENDOR: Novell VersionsAffected: Repeatability: References: http://www.zerodayinitiative.com/advisories/ZDI-07-015.html CV...

10CVSS6.4AI score0.24332EPSS
Exploits5
CVE
CVE
added 2007/04/24 8:0 p.m.60 views

CVE-2007-2171

Summary: CVE-2007-2171 is a stack-based overflow in the base64_decode function of Novell GroupWise WebAccess, specifically in GWINTER.exe, exploited via overly long Base64 content in an HTTP Basic Authentication request. Affected product/component: Novell GroupWise WebAccess (GWINTER.exe) prior t...

10CVSS7.8AI score0.24332EPSS
Exploits5References9Affected Software1
Tenable Nessus
Tenable Nessus
added 2007/04/23 12:0 a.m.42 views

Novell Groupwise WebAccess GWINTER.EXE Base64 Decoding Remote Overflow

The remote host is running a version of GroupWise WebAccess from Novell that is vulnerable to a stack overflow in the way it handles HTTP Basic Authentication. By sending a specially crafted request, an attacker can exploit this flaw to execute code on the remote host with administrative...

10CVSS6AI score0.24332EPSS
Exploits5References3
Rows per page
Query Builder