Check Point Advisories

Update Protection against Novell GroupWise Internet Agent Content-Type Buffer Overflow

Check Point Reference: CPAI-2010-167
Date Published: 22 Dec 2010
Severity: Critical
Last Updated: Friday 01 January, 2010
Source: Secunia Advisory 40820
Protection Provided by:
Who is Vulnerable? Novell Groupwise 8.0
Novell Groupwise 8.01X
Novell Groupwise 8.02
Vulnerability Description A buffer overflow vulnerability was reported in Novell GroupWise Internet Agent (GWIA), a component of Novell GroupWise. GWIA provides email services and support in SMTP, POP, and IMAP protocols. The vulnerability is due to improper validation of data received within the "Content-Type" header of received messages. A remote attacker could exploit this vulnerability to execute arbitrary code on a vulnerable installations of GWIA.  
Update/Patch AvaliableNovell has released an advisory to address this vulnerability.
Vulnerability DetailsThe vulnerability is due to a boundary failure in the methods responsible for processing the data inside the Content-header field of the message.

Protection Overview

×
  Feedback
This website uses cookies for its functionality and for analytics and marketing purposes. By continuing to use this website, you agree to the use of cookies. For more information, please read our Cookies Notice.
OK