CVE-2013-1085 – Novell GroupWise Messenger import Command Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2013-1085
Stack-based buffer overflow in the nim: protocol handler in Novell GroupWise Messenger 2.04 and earlier, and Novell Messenger 2.1.x and 2.2.x before 2.2.2, allows remote attackers to execute arbitrary code via an import command containing a long string in the filename parameter. Desbordamiento de búfer basado en pila en el nim: protocolo de manejo en Novell GroupWise Messenger v2.04 y anteriores, y Novell Messenger v2.1.x y v2.2.2, que permite a atacantes remotos ejecutar código arbitrario a través de un comando de importación que contiene una cadena larga en el parámetro de nombre de archivo. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell Groupwise Messenger. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of specific commands passed to the messenger via the nim:// protocol handler. By crafting a page with a large filename parameter within an import command, a stack-based buffer overflow can be made to occur. • http://www.novell.com/support/kb/doc.php?id=7011935 http://www.zerodayinitiative.com/advisories/ZDI-13-036 https://bugzilla.novell.com/show_bug.cgi?id=777352 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2011-3179
https://notcve.org/view.php?id=CVE-2011-3179
The server process in Novell Messenger 2.1 and 2.2.x before 2.2.1, and Novell GroupWise Messenger 2.04 and earlier, allows remote attackers to read from arbitrary memory locations via a crafted command. El proceso server en Novell Messenger v2.1 y v2.2.x antes de v2.2.1 y GroupWise Messenger v2.04 y anteriores permite a atacantes remotos leer direcciones de memoria de su elección a través de comandos modificados. • http://www.novell.com/support/viewContent.do?externalId=7009634 https://bugzilla.novell.com/show_bug.cgi?id=712158 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2008-2704
https://notcve.org/view.php?id=CVE-2008-2704
Novell GroupWise Messenger (GWIM) before 2.0.3 Hot Patch 1 allows remote attackers to cause a denial of service (crash) via a long user ID, possibly involving a popup alert. NOTE: it is not clear whether this issue crosses privilege boundaries. GroupWise Messenger (GWIM) de Novell anterior a versión 2.0.3 Hot Parche 1, permite a los atacantes remotos causar una denegación de servicio (bloqueo) por medio de un ID de usuario largo, que posiblemente implica una alerta emergente. NOTA: no está claro si este problema cruza los límites del privilegio. • http://secunia.com/advisories/30576 http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5026700.html http://www.securityfocus.com/archive/1/493964/100/0/threaded http://www.securityfocus.com/bid/29602 http://www.securitytracker.com/id?1020209 http://www.vupen.com/english/advisories/2008/1764/references https://exchange.xforce.ibmcloud.com/vulnerabilities/42918 • CWE-20: Improper Input Validation •
CVE-2008-2703 – Novell Groupwise Messenger 2.0 Client - Buffer Overflow
https://notcve.org/view.php?id=CVE-2008-2703
Multiple stack-based buffer overflows in Novell GroupWise Messenger (GWIM) Client before 2.0.3 HP1 for Windows allow remote attackers to execute arbitrary code via "spoofed server responses" that contain a long string after the NM_A_SZ_TRANSACTION_ID field name. Múltiples desbordamientos de búfer en la región stack de la memoria en GroupWise Messenger (GWIM) Client de Novell anterior a versión 2.0.3 HP1 para Windows, permiten a los atacantes remotos ejecutar código arbitrario por medio de "spoofed server responses" que contienen una cadena larga después del nombre del campo NM_A_SZ_TRANSACTION_ID. • https://www.exploit-db.com/exploits/31889 https://www.exploit-db.com/exploits/16814 http://secunia.com/advisories/30576 http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5026700.html http://www.securityfocus.com/archive/1/493964/100/0/threaded http://www.securityfocus.com/bid/29602 http://www.securitytracker.com/id?1020209 http://www.vupen.com/english/advisories/2008/1764/references https://exchange.xforce.ibmcloud.com/vulnerabilities/42917 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2006-4511
https://notcve.org/view.php?id=CVE-2006-4511
Messenger Agents (nmma.exe) in Novell GroupWise 2.0.2 and 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted HTTP POST request to TCP port 8300 with a modified val parameter, which triggers a null dereference related to "zero-size strings in blowfish routines." Messenger Agents (nmma.exe) en Novell GroupWise 2.0.2 y 1.0.6 permite a atacantes remotos provocar una denegación de servicio (caída) mediante una petición HTTP POST a puerto TCP 8300 con una parámetro val modificado, lo cual dispara una referencia nula relacionada con "cadenas de longitud cero en rutinas blowfish". • http://secunia.com/advisories/22244 http://securitytracker.com/id?1016974 http://support.novell.com/cgi-bin/search/searchtid.cgi?/2974452.htm http://www.idefense.com/intelligence/vulnerabilities/display.php?id=416 http://www.kb.cert.org/vuls/id/796956 http://www.securityfocus.com/bid/20316 http://www.vupen.com/english/advisories/2006/3893 https://exchange.xforce.ibmcloud.com/vulnerabilities/29319 •