Novell GroupWise Internet Agent 8.x < 8.0.3 / 12.x < 12.0.1 Multiple Vulnerabilities

This script is Copyright (C) 2012-2015 Tenable Network Security, Inc.


Synopsis :

The remote Windows host has an application that is susceptible to a
denial of service attack.

Description :

The version of Novell GroupWise Internet Agent running on the remote
host is 8.x earlier than 8.0.3 or 12.x earlier than 12.0.1. It
therefore is potentially affected by multiple vulnerabilities :

- A denial of service vulnerability exists due to the way
that the application parses date information within a
received iCalendar message. A remote attacker could
exploit this flaw to crash the affected service.
(CVE-2011-3827)

- An unspecified integer overflow vulnerability exists
that could lead to code execution. (CVE-2012-0417)

- An arbitrary file retrieval vulnerability exists due to
a failure to properly filter certain crafted directory
traversal sequences in the HTTP interface.
(CVE-2012-0419)

See also :

http://secunia.com/secunia_research/2012-30/
http://www.novell.com/support/kb/doc.php?id=7010767
http://www.novell.com/support/kb/doc.php?id=7010770
http://www.novell.com/support/kb/doc.php?id=7010772

Solution :

Update GWIA to version 8.0.3, 12.0.1, or later.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)
CVSS Temporal Score : 3.9
(CVSS2#E:POC/RL:OF/RC:C)
Public Exploit Available : true

Family: Windows

Nessus Plugin ID: 62284 ()

Bugtraq ID: 55574
55648
55731

CVE ID: CVE-2011-3827
CVE-2012-0417
CVE-2012-0419

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now