logo
DATABASE RESOURCES PRICING ABOUT US

Novell GroupWise Internet Agent Remote Buffer Overflow Vulnerabilities

Description

VUPEN Security Research Advisory - VUPEN-SR-2009-01 // VUPEN-SR-2009-02 Advisory URL: http://www.vupen.com/english/advisories/2009/1393 May 22, 2009 I. BACKGROUND ---------------------- Novell GroupWise is a complete collaboration software solution that provides information workers with e-mail, calendaring, instant messaging, task management, and contact and document management functions. The leading alternative to Microsoft Exchange, GroupWise has long been praised by customers and industry watchers for its security and reliability. http://www.novell.com/products/groupwise/ II. DESCRIPTION --------------------- VUPEN Security discovered two critical vulnerabilities affecting Novell GroupWise 8.x and 7.x. The first issue is caused due to a buffer overflow error in the Novell GroupWise Internet Agent (GWIA) when processing specially crafted email addresses via SMTP, which could be exploited by remote unauthenticated attackers to execute arbitrary code with SYSTEM privileges. The second vulnerability is caused due to a buffer overflow error in the Novell GroupWise Internet Agent (GWIA) when processing certain SMTP requests, which could be exploited by remote unauthenticated attackers to execute arbitrary code with SYSTEM privileges. III. AFFECTED PRODUCTS --------------------------------- Novell GroupWise version 7.03 HP2 and prior Novell GroupWise version 8.0.0 HP1 and prior IV. Exploit Codes & PoC ---------------------------- Fully functional remote code execution exploit codes have been developed by VUPEN Security and are available through the VUPEN Exploits & PoCs Service. http://www.vupen.com/exploits V. SOLUTION ------------------ For GroupWise 7.x systems, apply GroupWise 7.03 Hot Patch 3 (HP3) or later For GroupWise 8.0 systems, apply GroupWise 8.0 Hot Patch 2 (HP2) or later VI. CREDIT -------------- These vulnerabilities were discovered by Nicolas JOLY of VUPEN Security VII. REFERENCES ---------------------- http://www.vupen.com/english/advisories/2009/1393 http://www.novell.com/support/viewContent.do?externalId=7003273&sliceId=1 http://www.novell.com/support/viewContent.do?externalId=7003272&sliceId=1 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1636 VIII. DISCLOSURE TIMELINE ----------------------------------- 18/02/2009 - Vendor notified 18/02/2009 - Vendor response 21/05/2009 - Vendor issues fixed version 22/05/2009 - Coordinated public Disclosure


Related