Preemptive Protection against Novell GroupWise Internet Agent IMAP Service Stack Buffer Overflow
| Check Point Reference: | CPAI-2010-145 | |
| Date Published: | ||
| Preemptive Since: | ||
| Severity: | ||
| Source: | Secunia Advisory SA40622 | |
| Industry Reference(s): | N/A |
|
| Protection Provided by: |
IPS-1
|
|
| Who is Vulnerable? Novell Groupwise 7.0 Novell Groupwise 7.01 Novell Groupwise 7.02 Novell Groupwise 7.03x Novell Groupwise 7.04 Novell Groupwise 8.0 Novell Groupwise 8.01x | ||
| Vulnerability Description A buffer overflow vulnerability exists in Novell GroupWise Internet Agent, a client-server collaborative software and email system provided by Novell. The vulnerability is within the IMAP component of the GroupWise Internet Agent service and is due to a boundary error while handling provided mailbox name for the CREATE command. |
||
|
Update/Patch Available Vendor's advisory. |
|
|
Vulnerability Details The vulnerability is due to a boundary error in the IMAP functionality of the GroupWise Internet Agent (GWIA.exe) service. Remote authenticated attackers could exploit the vulnerability by sending a crafted CREATE command with an overly long mailbox name. |
Protection Overview IPS-1 has been preemptive against this vulnerability since March 2005. The protection detects and blocks IMAP mailbox commands that specifiy names that are longer than a pre-defined threshold.
To configure the defense, select your product from the list below and follow the related protection steps.