VUPEN Security Research Advisory - VUPEN-SR-2009-01 // VUPEN-SR-2009-02
Advisory URL: http://www.vupen.com/english/advisories/2009/1393
May 22, 2009
Novell GroupWise is a complete collaboration software solution that provides information workers with e-mail, calendaring, instant messaging, task management, and contact and document management functions. The leading alternative to Microsoft Exchange, GroupWise has long been praised by customers and industry watchers for its security and reliability.
VUPEN Security discovered two critical vulnerabilities affecting Novell GroupWise 8.x and 7.x.
The first issue is caused due to a buffer overflow error in the Novell GroupWise Internet Agent (GWIA) when processing specially crafted email addresses via SMTP, which could be exploited by remote unauthenticated attackers to execute arbitrary code with SYSTEM privileges.
The second vulnerability is caused due to a buffer overflow error in the Novell GroupWise Internet Agent (GWIA) when processing certain SMTP requests, which could be exploited by remote unauthenticated attackers to execute arbitrary code with SYSTEM privileges.
Novell GroupWise version 7.03 HP2 and prior Novell GroupWise version 8.0.0 HP1 and prior
Fully functional remote code execution exploit codes have been developed by VUPEN Security and are available through the VUPEN Exploits & PoCs Service.
For GroupWise 7.x systems, apply GroupWise 7.03 Hot Patch 3 (HP3) or later
For GroupWise 8.0 systems, apply GroupWise 8.0 Hot Patch 2 (HP2) or later
These vulnerabilities were discovered by Nicolas JOLY of VUPEN Security
http://www.vupen.com/english/advisories/2009/1393 http://www.novell.com/support/viewContent.do?externalId=7003273&sliceId=1 http://www.novell.com/support/viewContent.do?externalId=7003272&sliceId=1 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1636
18/02/2009 - Vendor notified 18/02/2009 - Vendor response 21/05/2009 - Vendor issues fixed version 22/05/2009 - Coordinated public Disclosure