发布时间 :2005-08-03 00:00:00
修订时间 :2016-10-17 23:26:20

[原文]Buffer overflow in Novell GroupWise 6.5 Client allows remote attackers to execute arbitrary code via a GWVW02xx.INI language file with a long entry, as demonstrated using a long ES02TKS.VEW value in the Group Task section.

[CNNVD]Novell GroupWise 缓冲区溢出漏洞(CNNVD-200508-021)

        Novell GroupWise是一款跨平台协作软件。
        Novell GroupWise中存在缓冲区溢出漏洞。攻击者可以通过以某种方式破坏GWVW02??.INI文件导致试图登录到被破坏post office的客户端上发生溢出,从而在受害用户机器上执行任意代码。
        请注意如果要利用这个漏洞,攻击者必须能够访问post office目录,而访问这个文件夹通常仅限于系统管理员。正确的系统安全措施可以防范这个漏洞。

- CVSS (基础分值)

CVSS分值: 7.5 [严重(HIGH)]
机密性影响: [--]
完整性影响: [--]
可用性影响: [--]
攻击复杂度: [--]
攻击向量: [--]
身份认证: [--]

- CPE (受影响的平台与产品)


- OVAL (用于检测的技术细节)


- 官方数据库链接
(官方数据源) MITRE
(官方数据源) NVD
(官方数据源) CNNVD

- 其它链接及资源
(UNKNOWN)  BUGTRAQ  20050727 [ISR] - Novell GroupWise Client Remote Buffer Overflow

- 漏洞信息

Novell GroupWise 缓冲区溢出漏洞
高危 缓冲区溢出
2005-08-03 00:00:00 2005-10-20 00:00:00
        Novell GroupWise是一款跨平台协作软件。
        Novell GroupWise中存在缓冲区溢出漏洞。攻击者可以通过以某种方式破坏GWVW02??.INI文件导致试图登录到被破坏post office的客户端上发生溢出,从而在受害用户机器上执行任意代码。
        请注意如果要利用这个漏洞,攻击者必须能够访问post office目录,而访问这个文件夹通常仅限于系统管理员。正确的系统安全措施可以防范这个漏洞。

- 公告与补丁


- 漏洞信息

Novell GroupWise Client ofview File Parsing Overflow
Remote / Network Access Input Manipulation
Loss of Integrity
Exploit Unknown

- 漏洞描述

Novell GroupWise Client contains a flaw that may allow a malicious user, if he has gained access to the post office directory, to create a buffer overflow on a client that attempted to log into the compromised post office. The issue is triggered when parsing the file containing the labels of different views. It is possible that the flaw may allow arbitrary code execution resulting in a loss of integrity.

- 时间线

2005-07-27 2005-07-05
Unknow Unknow

- 解决方案

Upgrade to version 6.5 (dated after 7/15/2005) or 6.5 SP5 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

- 相关参考

- 漏洞作者

- 漏洞信息

Novell GroupWise Client Remote Buffer Overflow Vulnerability
Boundary Condition Error 14398
Yes No
2005-07-27 12:00:00 2009-07-12 04:06:00
Discovery is credited to Francisco Amato.

- 受影响的程序版本

Novell Groupwise 6.5.4
Novell Groupwise 6.5.3
Novell Groupwise 6.5.2
Novell Groupwise 6.5 SP4
Novell Groupwise 6.5 SP3
Novell Groupwise 6.5 SP2
Novell Groupwise 6.5 SP1
Novell Groupwise 6.5

- 漏洞讨论

Novell GroupWise Client is affected by a remote buffer overflow vulnerability.

Specifically, this vulnerability arises when a user attempts to log in to a GroupWise post office that contains a malicious 'GWVW02??.INI' file.

This can facilitate unauthorized access in the context of the user.

This issue affects all versions of Novell GroupWise 6.5 client dated prior to July 15, 2005.

- 漏洞利用

Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: <>.

- 解决方案

Novell has released Technical Information Documents TID10098314 and TID2971927 including GroupWise 6.5 SP5 Client rev 6 to address this issue. Please see the referenced documents for more information.

- 相关参考