In association with heise online

19 April 2007, 09:57

Novell provides patches for GroupWise

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Novell has provided an update for their GroupWise groupware and messaging solution, to fix a hole that may be exploited to gain remote access to a PC. The bug resides in the WebAccess Agent listening on ports 7205 and 7211. It causes a buffer overflow when handling HTTP authentication requests of excess length.

According to the Zero Day Initiative (ZDI), attackers can use packets with manipulated Base64-coded data to exploit this flaw for arbitrary code execution. This bug affects Novell GroupWise 7.x. The updates provide fixes for Windows, Netware and Linux.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit