Preemptive Protection against Novell Groupwise Internet Agent RCPT Command Buffer Overflow
| Check Point Reference: | CPAI-2009-041 | |
| Date Published: | ||
| Severity: | ||
| Last Updated: | ||
| Source: | Secunia Advisory: SA33744 | |
| Industry Reference(s): | ||
| Protection Provided by: |
IPS-1
|
|
| Who is Vulnerable? Novell Groupwise 6.5.x Novell Groupwise 7.0 Novell Groupwise 7.01 Novell Groupwise 7.02x Novell Groupwise 7.03 Novell Groupwise 7.03HP1a Novell Groupwise 8.0 | ||
| Vulnerability Description A buffer overflow vulnerability was reported in Novell GroupWise, a client-server collaborative software and email system provided by Novell. The vulnerability is due to a boundary error while processing specially crafted SMTP requests. Remote attackers can exploit this vulnerability to execute arbitrary code on the target server. |
||
|
Update/Patch Available Vendor has released a patch: http://download.novell.com/Download?buildid=GjZRRdqCFW0 |
|
|
Vulnerability Details The vulnerability is caused due to an off-by-one error when processing SMTP RCPT arguments within the Novell GroupWise Internet Agent (GWIA) SMTP daemon. This can be exploited to crash the vulnerable service or potentially execute arbitrary code via an overly long email address. |
Protection Overview
IPS-1 has protected against this vulnerability since January 2005. No update required.
By enabling this protection, IPS-1 will detect and block SMTP commands which are longer than a configurable threshold. The user can modify this threshold via the 'SMTP Command length checks' variable. The default is 128 characters.
To configure the defense, select your product from the list below and follow the related protection steps.