Synopsis :

The remote Windows host has an application that is affected by
multiple vulnerabilities.

Description :

The version of Novell GroupWise Internet Agent running on the remote
host is earlier than 8.0.2 HP3. Such versions are potentially
affected by multiple issues :

- Multiple denial of service issues exist because the
application does not adequately verify user-supplied
inputs. (CVE-2011-2218, CVE-2011-2219)

- A stack-based buffer overflow exists because the
application fails to perform adequate boundary checks on
user-supplied data. (CVE-2011-0334)

- A remote code execution vulnerability exists in the
GroupWise Internet Agent Yearly RRULE variable.
(CVE-2011-2663)

- A remote code execution vulnerability exists due to the
way the application parses the time zone description
(TZNAME) variable within a received VCALENDAR message.
(CVE-2011-0333)

- A remote code execution vulnerability exists due to the
way the application parses the weekly calendar
recurrence (RRULE) variable within a received VCALENDAR
message. (CVE-2011-2662)

See also :

http://www.nessus.org/u?5c0a7f23
http://www.nessus.org/u?cb2ae5ca
http://www.nessus.org/u?96f7e22e
http://www.nessus.org/u?8f078d7e
http://www.nessus.org/u?c2967b20
http://secunia.com/secunia_research/2011-66/
http://secunia.com/secunia_research/2011-67/

Solution :

Update GWIA to version 8.0.2 Hot Patch 3 or later.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 7.4
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false