In association with heise online

30 April 2008, 13:10

Security vulnerability in Groupwise

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Juan Pablo Lopez Yacubian has discovered a vulnerability in Novell Groupwise 7 that allows attackers to inject arbitrary program code covertly by means of crafted websites. Novell has yet to provide a fix.

Yacubian writes that Groupwise 7 crashes when handling excess length mailto: URLs, which can be embedded in a website and automatically called if, for example, an <IMG> tag is used. A buffer overflow then occurs, and the security advisory states that the processor's EIP (extended instruction pointer) can then be manipulated to allow injected program code to be launched.

Yacubian does not say precisely which version of the software is affected, but merely writes that he found the flaw in Groupwise 7 on Windows XP. Since mid-March, Service Pack 3 for GroupWise 7 has been available for downloading from Novell's website; this version probably still contains the flaw. Administrators can prevent the automatic exploitation of this flaw on their clients by using a different program as the standard application for mailto: URLs or disabling the automatic assignment to a program. Those who use a proxy can inspect and filter mailto: URLs in HTML websites.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit