GroupWise Internet Agent < 8.0.2 HP3 Multiple Vulnerabilities

critical Nessus Plugin ID 56385

Synopsis

The remote Windows host has an application that is affected by multiple vulnerabilities.

Description

The version of Novell GroupWise Internet Agent running on the remote host is earlier than 8.0.2 HP3. Such versions are potentially affected by multiple issues :

- Multiple denial of service issues exist because the application does not adequately verify user-supplied inputs. (CVE-2011-2218, CVE-2011-2219)

- A stack-based buffer overflow exists because the application fails to perform adequate boundary checks on user-supplied data. (CVE-2011-0334)

- A remote code execution vulnerability exists in the GroupWise Internet Agent Yearly RRULE variable.
(CVE-2011-2663)
- A remote code execution vulnerability exists due to the way the application parses the time zone description (TZNAME) variable within a received VCALENDAR message.
(CVE-2011-0333)
- A remote code execution vulnerability exists due to the way the application parses the weekly calendar recurrence (RRULE) variable within a received VCALENDAR message. (CVE-2011-2662)

Solution

Update GWIA to version 8.0.2 Hot Patch 3 or later.

See Also

http://www.nessus.org/u?5c0a7f23

http://www.nessus.org/u?cb2ae5ca

http://www.nessus.org/u?96f7e22e

http://www.nessus.org/u?8f078d7e

http://www.nessus.org/u?c2967b20

https://secuniaresearch.flexerasoftware.com/secunia_research/2011-66/

https://secuniaresearch.flexerasoftware.com/secunia_research/2011-67/

Plugin Details

Severity: Critical

ID: 56385

File Name: groupwise_ia_802_hp3.nasl

Version: 1.8

Type: local

Agent: windows

Family: Windows

Published: 10/4/2011

Updated: 11/15/2018

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 7.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/a:novell:groupwise

Required KB Items: SMB/GWIA/Version

Exploit Ease: No known exploits are available

Patch Publication Date: 9/26/2011

Vulnerability Publication Date: 9/26/2011

Reference Information

CVE: CVE-2011-0333, CVE-2011-0334, CVE-2011-2218, CVE-2011-2219, CVE-2011-2662, CVE-2011-2663

BID: 49774, 49775, 49777, 49779, 49781