Vulnerabilities > CVE-2007-2171 - Remote Buffer Overflow vulnerability in Novell Groupwise 7.0
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Stack-based buffer overflow in the base64_decode function in GWINTER.exe in Novell GroupWise (GW) WebAccess before 7.0 SP2 allows remote attackers to execute arbitrary code via long base64 content in an HTTP Basic Authentication request.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 2 |
Nessus
| NASL family | Gain a shell remotely |
| NASL id | GROUPWISE_WEBACCESS_OVERFLOW.NASL |
| description | The remote host is running a version of GroupWise WebAccess from Novell that is vulnerable to a stack overflow in the way it handles HTTP Basic Authentication. By sending a specially crafted request, an attacker can exploit this flaw to execute code on the remote host with administrative privileges. |
| last seen | 2020-06-01 |
| modified | 2020-06-02 |
| plugin id | 25084 |
| published | 2007-04-23 |
| reporter | This script is Copyright (C) 2007-2018 Tenable Network Security, Inc. |
| source | https://www.tenable.com/plugins/nessus/25084 |
| title | Novell Groupwise WebAccess GWINTER.EXE Base64 Decoding Remote Overflow |
Saint
| bid | 23556 |
| description | Novell GroupWise WebAccess base64_decode buffer overflow |
| id | mail_web_groupwisever,mail_web_groupwiseauthbo |
| osvdb | 35018 |
| title | groupwise_webaccess_base64_decode |
| type | remote |
References
- http://download.novell.com/Download?buildid=8RF83go0nZg~
- http://download.novell.com/Download?buildid=O9ucpbS1bK0~
- http://secunia.com/advisories/24944
- http://securityreason.com/securityalert/2610
- http://www.securityfocus.com/archive/1/466212/100/0/threaded
- http://www.securityfocus.com/bid/23556
- http://www.securitytracker.com/id?1017932
- http://www.vupen.com/english/advisories/2007/1455
- http://www.zerodayinitiative.com/advisories/ZDI-07-015.html