CVE-2006-3268 - Unspecified vulnerability in Novell Groupwise

CVSS 5.0 - MEDIUM
Attack vector: NETWORK
Attack complexity: LOW
Privileges required: NONE
Confidentiality impact: PARTIAL
Integrity impact: NONE
Availability impact: NONE
Tags: network, low complexity, novell, nessus

Summary

Unspecified vulnerability in the Windows Client API in Novell GroupWise 5.x through 7 might allow users to obtain "random programmatic access" to other email within the same post office.

Nessus

NASL family: Windows
NASL id: GROUPWISE_CLIENT_EMAIL_ACCESS.NASL
description: The remote host is running GroupWise, an enterprise-class collaboration application from Novell. The version of GroupWise installed on the remote host contains a flaw in the client API that may allow a user to bypass security controls and gain access to non-authorized email within the same authenticated post office.
last seen: 2020-06-01
modified: 2020-06-02
plugin id: 22003
published: 2006-07-05
reporter: This script is Copyright (C) 2006-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
source: https://www.tenable.com/plugins/nessus/22003
title: Novell GroupWise Windows Client Arbitrary Email Access
code:
#
#  (C) Tenable Network Security, Inc.
#


include("compat.inc");

if (description)
{
  script_id(22003);
  script_version("1.13");

  script_cve_id("CVE-2006-3268");
  script_bugtraq_id(18716);

  script_name(english:"Novell GroupWise Windows Client Arbitrary Email Access");
  script_summary(english:"Check the version of GroupWise client");

  script_set_attribute(attribute:"synopsis", value:
"The remote Windows host contains a mail client that may allow
unauthorized access to email messages." );
  script_set_attribute(attribute:"description", value:
"The remote host is running GroupWise, an enterprise-class
collaboration application from Novell. 

The version of GroupWise installed on the remote host contains a flaw
in the client API that may allow a user to bypass security controls
and gain access to non-authorized email within the same authenticated
post office." );
  script_set_attribute(attribute:"see_also", value:"http://www.securityfocus.com/advisories/10778" );
  script_set_attribute(attribute:"solution", value:
"Upgrade to GroupWise 6.5 SP6 Update 1 / 7 SP1 or later." );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");
  script_set_attribute(attribute:"plugin_publication_date", value: "2006/07/05");
  script_set_attribute(attribute:"vuln_publication_date", value: "2006/06/19");
  script_cvs_date("Date: 2018/08/22 16:49:14");
  script_set_attribute(attribute:"plugin_type", value:"local");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Windows");

  script_copyright(english:"This script is Copyright (C) 2006-2018 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("groupwise_client_installed.nasl");
  script_require_keys("SMB/Novell GroupWise Client/Path", "SMB/Novell GroupWise Client/Version");

  exit(0);
}

include('global_settings.inc');
include('misc_func.inc');

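# Read the client version and install path from the KB keys required above;
# the plugin exits if either key is missing.
version = get_kb_item_or_exit('SMB/Novell GroupWise Client/Version');
path = get_kb_item_or_exit('SMB/Novell GroupWise Client/Path');

# Split the dotted version into integer components; only the major
# number (ver[0]) is used to pick the branch below.
ver = split(version, sep:'.');
for (i=0; i<max_index(ver); i++)
  ver[i] = int(ver[i]);

# Select the fixed version for the installed branch. A major version
# above 7 leaves fix as NULL, so the install is treated as not affected.
fix = NULL;
if (ver[0] == 7) fix = '7.0.1.364';
else if (ver[0] < 7) fix = '6.57.0.0';

# Report only when the installed version is lower than the fixed version.
if (fix && ver_compare(ver:version, fix:fix) == -1)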
{
  if (report_verbosity > 0)
  {
    report =
      '\n  Path              : ' + path +
      '\n  Installed version : ' + version +
      '\n  Fixed version     : ' + fix + '\n';
    security_warning(port:get_kb_item('SMB/transport'), extra:report);
  }
  else security_warning(port:get_kb_item('SMB/transport'));
}
else exit(0, 'The Novell GroupWise Client '+version+' install under '+path+' is not affected.');

Seebug

bulletinFamily: exploit
description: BUGTRAQ ID: 18716. CVE(CAN) ID: CVE-2006-3268. Novell GroupWise is a cross-platform collaboration application. A vulnerability exists in the implementation of the Novell GroupWise client API; an attacker may exploit it to bypass security restrictions and access certain unauthorized email. Novell Groupwise 7.x, Novell Groupwise 6.x, Novell Groupwise 5.x. Vendor patch: Novell has released upgrade patches that fix this security issue; download them from the vendor's site. GroupWise 6.5: Apply SP6 Client Update 1, http://support.novell.com/filefinder/16963/index.html. GroupWise 7: Apply GroupWise 7 SP1, http://support.novell.com/filefinder/20641/index.html
id: SSV:2738
last seen: 2017-11-19
modified: 2007-12-31
published: 2007-12-31
reporter: Root
title: Novell Groupwise Windows Client API Unauthorized Email Access Vulnerability