Novell GroupWise Client Address Book File Handling Email Address Field Remote Overflow

This script is Copyright (C) 2012 Tenable Network Security, Inc.


Synopsis :

The remote Windows host contains an email application that is
affected by a remote buffer overflow vulnerability.

Description :

The version of Novell GroupWise Client 8.x installed on the remote
Windows host is earlier than 8.0.2 post-HP3. As such, it is
reportedly affected by a buffer overflow vulnerability when parsing an
Address Book (.nab) file with an overly long email address.

By tricking a user into opening a specially crafted Address Book file,
a remote, unauthenticated attacker could potentially execute arbitrary
code on the remote host subject to the privileges of the user running
the affected application.

See also :

http://www.nessus.org/u?25ae0d50
http://www.novell.com/support/viewContent.do?externalId=7010205

Solution :

Upgrade to Novell GroupWise Client 8.0.2 post-HP3 (8.0.2.19083) or later.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 7.3
(CVSS2#E:POC/RL:OF/RC:ND)
Public Exploit Available : true

Family: Windows

Nessus Plugin ID: 58402 ()

Bugtraq ID: 52233

CVE ID: CVE-2011-4189

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now