Check Point Advisories

Preemptive Protection against Novell GroupWise Internet Agent RRULE Parsing Buffer Overflow

Check Point Reference: CPAI-2010-159
Date Published: 30 Nov 2010
Severity: Critical
Last Updated: Friday 01 January, 2010
Source: Secunia Advisory SA40820
Protection Provided by:
Who is Vulnerable? Novell Groupwise 8.02 Novell Groupwise 8.01X Novell Groupwise 8.0x
Vulnerability Description A remote code execution vulnerability exists in Novell GroupWise Internet Agent (GWIA). Novell GroupWise Internet Agent is a component of Novell GroupWise and provides email services, supporting SMTP, POP, and IMAP protocols. The vulnerability is due to a buffer overflow when parsing a RRULE variable inside a crafted email message. A remote attacker could exploit this vulnerability by sending a malicious email to the target system. 
Update/Patch AvaliableNovell has released an advsiory to address this vulnerability. 
Vulnerability DetailsThe vulnerability exists in the parsing of VCALENDAR data when processing a RRULE variable. This can be exploited to cause a buffer overflow via a specially crafted e-mail message.

Protection Overview

×
  Feedback
This website uses cookies for its functionality and for analytics and marketing purposes. By continuing to use this website, you agree to the use of cookies. For more information, please read our Cookies Notice.
OK