| VID |
23190 |
| Severity |
40 |
| Port |
7205,7211 |
| Protocol |
TCP |
| Class |
Daemon |
| Detailed Description |
The Novell Groupwise WebAccess, according to its banner, has a buffer overflow vulnerability in processing HTTP Basic authentication. Novell GroupWise (GW) WebAccess versions prior to 7.0 SP2 are vulnerable to a stack-based buffer overflow vulnerability, caused by improper handling of an HTTP Basic authentication request by GWINTER.exe. By sending a specialy-crafted request, a remote attacker could exploit this exploit to execute code on the affected host with adminsitrative privileges.
* Note: This check solely relied on the banner of the remote HTTP server to assess this vulnerability, so this might be a false positive.
* References:
http://www.securityfocus.com/archive/1/archive/1/466212/100/0/threaded
http://www.zerodayinitiative.com/advisories/ZDI-07-015.html
http://www.frsirt.com/english/advisories/2007/1455
http://www.securitytracker.com/id?1017932
http://secunia.com/advisories/24944
* Platforms Affected:
Novell GroupWise 7.0
Novell GroupWise 7.0 SP1
Novell NetWare 5.1, 6, 6.5
Microsoft Windows Any version
SuSE Linux Enterprise Server Any version |
| Recommendation |
Apply the appropriate patch for Novell Groupwise WebAccess, available from the following Novell Download Web Sites:
http://download.novell.com/Download?buildid=8RF83go0nZg~
http://download.novell.com/Download?buildid=O9ucpbS1bK0~ |
| Related URL |
CVE-2007-2171 (CVE) |
| Related URL |
23556 (SecurityFocus) |
| Related URL |
33744 (ISS) |
|
