CVE-2007-2171
Novell Groupwise WebAccess Base64 Decoding Stack Overflow Vulnerability
Public Exploits: 0
Exploited in Wild: -
Descriptions
Stack-based buffer overflow in the base64_decode function in GWINTER.exe in Novell GroupWise (GW) WebAccess before 7.0 SP2 allows remote attackers to execute arbitrary code via long base64 content in an HTTP Basic Authentication request.
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell Groupwise WebAccess. Authentication is not required to exploit this vulnerability.
The specific flaw exists in the GWINTER.exe process, which is bound by default to TCP ports 7205 and 7211. During the handling of an HTTP Basic authentication request, the process copies user-supplied base64 data into a fixed-length stack buffer. Sending at least 336 bytes will trigger a stack-based buffer overflow due to a vulnerable base64_decode() call. Exploitation of this issue can result in arbitrary code execution.
Timeline
- 2007-04-18 CVE Published
- 2007-04-22 CVE Reserved
- 2024-06-19 EPSS Updated
- 2024-08-07 CVE Updated
References (9)
URL | Tag | Source |
---|---|---|
http://securityreason.com/securityalert/2610 | Third Party Advisory | |
http://www.securityfocus.com/archive/1/466212/100/0/threaded | Mailing List | |
http://www.securityfocus.com/bid/23556 | Vdb Entry | |
http://www.securitytracker.com/id?1017932 | Vdb Entry | |
http://www.vupen.com/english/advisories/2007/1455 | Vdb Entry | |
http://www.zerodayinitiative.com/advisories/ZDI-07-015.html | X_refsource_misc | |
URL | Date | SRC |
---|---|---|
http://download.novell.com/Download?buildid=8RF83go0nZg~ | 2018-10-16 | |
http://download.novell.com/Download?buildid=O9ucpbS1bK0~ | 2018-10-16 |
URL | Date | SRC |
---|---|---|
http://secunia.com/advisories/24944 | 2018-10-16 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status |
---|---|---|---|---|
Novell | Groupwise | 7.0 | - | Affected |
Novell | Groupwise | 7.0 | sp1 | Affected |