Novell GroupWise Internet Agent 8.x <= 8.0.2 HP3 / 12.x < 12.0.1 Multiple Vulnerabilities

This script is Copyright (C) 2012-2014 Tenable Network Security, Inc.


Synopsis :

The remote Windows host has an application that is affected by a buffer
overflow vulnerability.

Description :

The version of Novell GroupWise Internet Agent running on the remote
host is 8.x less than or equal to 8.0.2 HP3, or 12.x earlier than
12.0.1. As such, it is potentially affected by multiple
vulnerabilities :

  - A heap-based buffer overflow vulnerability exists when
    parsing requests to the web-based admin interface with
    a specially crafted Content-Length header.

  - Multiple vulnerabilities exist in the bundled Oracle
    'Outside In' viewer technology.

By exploiting these flaws, a remote, unauthenticated attacker could
execute arbitrary code on the remote host, subject to the privileges of
the user running the affected application.

See also :

http://www.novell.com/support/kb/doc.php?id=7010769

Solution :

Update GWIA to version 8.0.3 Hot Patch 1, 12.0.1, or later.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 9.5
(CVSS2#E:F/RL:U/RC:ND)
Public Exploit Available : true