Novell GroupWise Internet Agent 8.x <= 8.0.2 HP3 / 12.x < 12.0.1 Multiple Vulnerabilities

critical Nessus Plugin ID 62283

Synopsis

The remote Windows host has an application that is affected by a buffer overflow vulnerability.

Description

The version of Novell GroupWise Internet Agent running on the remote host is 8.x less than or equal to 8.0.2 HP3, or 12.x earlier than 12.0.1. As such, it is potentially affected by multiple vulnerabilities:

- A heap-based buffer overflow vulnerability exists in the parsing of requests to the web-based admin interface that carry a specially crafted Content-Length header.

- Multiple vulnerabilities exist in the bundled Oracle 'Outside In' viewer technology.

By exploiting these flaws, a remote, unauthenticated attacker could execute arbitrary code on the remote host subject to the privileges of the user running the affected application.

Solution

Update GWIA to version 8.0.3 Hot Patch 1, 12.0.1, or later.

See Also

https://support.microfocus.com/kb/doc.php?id=7010769

Plugin Details

Severity: Critical

ID: 62283

File Name: groupwise_ia_803_hp1.nasl

Version: 1.13

Type: local

Agent: windows

Family: Windows

Published: 9/24/2012

Updated: 11/15/2018

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 8.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/a:novell:groupwise

Required KB Items: SMB/GWIA/Version

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 9/14/2012

Vulnerability Publication Date: 9/14/2012

Exploitable With

ExploitHub (EH-12-497)

Reference Information

CVE: CVE-2012-0271, CVE-2012-1766, CVE-2012-1767, CVE-2012-1768, CVE-2012-1769, CVE-2012-1770, CVE-2012-1771, CVE-2012-1772, CVE-2012-1773, CVE-2012-3106, CVE-2012-3107, CVE-2012-3108, CVE-2012-3109, CVE-2012-3110

BID: 54497, 54500, 54504, 54506, 54511, 54531, 54536, 54541, 54543, 54546, 54548, 54550, 54554, 55551