19 April 2007, 09:57
Novell provides patches for GroupWise
Novell has provided an update for their GroupWise groupware and messaging solution, to fix a hole that may be exploited to gain remote access to a PC. The bug resides in the WebAccess Agent listening on ports 7205 and 7211. It causes a buffer overflow when handling HTTP authentication requests of excess length.
According to the Zero Day Initiative (ZDI), attackers can use packets with manipulated Base64-coded data to exploit this flaw for arbitrary code execution. This bug affects Novell GroupWise 7.x. The updates provide fixes for Windows, Netware and Linux.
(mba)
Print Version | Send by email
| Permalink: http://h-online.com/-732665
![Kernel Log: Coming in 3.10 (Part 3) [--] Infrastructure](/imgs/43/1/0/4/2/6/7/2/comingin310_4_kicker-4977194bfb0de0d7.png)
![Kernel Log: Coming in 3.10 (Part 3) [--] Infrastructure](/imgs/43/1/0/4/2/3/2/3/comingin310_3_kicker-151cd7b9e9660f05.png)
