Novell Groupwise WebAccess GWINTER.EXE Base64 Decoding Remote Overflow

critical Nessus Plugin ID 25084


It is possible to execute code on the remote host.


The remote host is running a version of GroupWise WebAccess from Novell that is vulnerable to a stack overflow in the way it handles HTTP Basic Authentication.

By sending a specially crafted request, an attacker can exploit this flaw to execute code on the remote host with administrative privileges.


Upgrade to GroupWise 7.0 SP2 or later.

See Also

Plugin Details

Severity: Critical

ID: 25084

File Name: groupwise_webaccess_overflow.nasl

Version: 1.17

Type: remote

Published: 4/23/2007

Updated: 11/15/2018

Risk Information


Risk Factor: High

Score: 7.4


Risk Factor: Critical

Base Score: 10

Temporal Score: 8.3

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/a:novell:groupwise_webaccess

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 4/16/2007

Vulnerability Publication Date: 4/18/2007

Exploitable With


Reference Information

CVE: CVE-2007-2171

BID: 23556