OSVDB ID: 35018

Title: Novell GroupWise WebAccess GWINTER.exe Basic Authentication Base64 Decoding Overflow

Info

Disclosure

Apr 18, 2007

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Apr 16, 2007

Description

A remote stack-based overflow exists in the WebAccess agent GWINTER.exe. With a specially crafted HTTP Basic authentication request sent to port 7205/TCP or 7211/TCP, an attacker can execute arbitrary commands with elevated privileges resulting in a loss of integrity.

Classification

Location: Local / Remote
Attack Type: Input Manipulation
Impact: Loss of Integrity
Solution: Upgrade
Exploit: Exploit Private, Exploit Commercial
Disclosure: Vendor Verified
OSVDB: Web Related

Solution

Upgrade to version 7.02 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Products

Novell, Inc.	Groupwise	7.0 SP1
		7.0 GA

References

Security Tracker: 1017932
CVE ID: 2007-2171 (see also: NVD)
Bugtraq ID: 23556
Secunia Advisory ID: 24944
SCIP VulDB ID: 3036
VUPEN Advisory: ADV-2007-1455
Mail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2007-04/0547.html
Vendor Specific News/Changelog Entry: http://download.novell.com/Download?buildid=8RF83go0nZg~
http://download.novell.com/Download?buildid=O9ucpbS1bK0~
Generic Exploit URL: http://www.saintcorporation.com
http://www.saintcorporation.com/cgi-bin/exploit_info/groupwise_webaccess_base64_decode
Other Advisory URL: http://www.zerodayinitiative.com/advisories/ZDI-07-015.html

Credit

Tenable Network Security -

Direct URL: http://osvdb.org/35018

Info

Disclosure

Discovery

Dates

Exploit

Solution

Description

Classification

Solution

Products

Novell, Inc.

Groupwise

References

Credit