Release date:
Updated on:
Affected Systems:
Novell GroupWise Messenger 2.0.3 HP1
Novell GroupWise Messenger 2.0.3
Novell GroupWise Messenger 2.0
Description:
--------------------------------------------------------------------------------
Bugtraq id: 52056
Novell GroupWise Messenger is a real-time communication tool based on the GroupWise platform. The NM_A_PARM1 tag of the "login" command is base64 encrypted with blowfish "username: password" string.
Novell GroupWise Messenger has a heap memory corruption vulnerability. Attackers can exploit this vulnerability to execute arbitrary code and cause DOS.
<* Source: Luigi Auriemma (aluigi@pivx.com)
Link: http://aluigi.org/adv/nmma_1-adv.txt
*>
Test method:
--------------------------------------------------------------------------------
Alert
The following procedures (methods) may be offensive and are intended only for security research and teaching. Users are at your own risk!
Http://aluigi.org/poc/nmma_x.zip
Nmma_x 1 SERVER
Suggestion:
--------------------------------------------------------------------------------
Vendor patch:
Novell
------
Currently, the vendor does not provide patches or upgrade programs. We recommend that users who use the software follow the vendor's homepage to obtain the latest version:
Http://support.novell.com/security-alerts