CVE-2010-4714

EUVD-2010-4679
Multiple stack-based buffer overflows in Novell GroupWise before 8.02HP allow remote attackers to execute arbitrary code via a long HTTP Host header to (1) gwpoa.exe in the Post Office Agent, (2) gwmta.exe in the Message Transfer Agent, (3) gwia.exe in the Internet Agent, (4) the WebAccess Agent, or (5) the Monitor Agent.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
10 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:C/I:C/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 86%
Affected Products (NVD)
VendorProductVersion
novellgroupwise
𝑥
≤ 8.0.2
novellgroupwise
4.1
novellgroupwise
4.1a:a
novellgroupwise
5.0
novellgroupwise
5.1
novellgroupwise
5.2
novellgroupwise
5.5
novellgroupwise
5.5
novellgroupwise
5.57e:e
novellgroupwise
6.0
novellgroupwise
6.0:sp1
novellgroupwise
6.0:sp5
novellgroupwise
6.0.1:sp1
novellgroupwise
6.5
novellgroupwise
6.5:sp1
novellgroupwise
6.5:sp2
novellgroupwise
6.5:sp3
novellgroupwise
6.5:sp4
novellgroupwise
6.5:sp5
novellgroupwise
6.5:sp6
novellgroupwise
6.5.2
novellgroupwise
6.5.3
novellgroupwise
6.5.4
novellgroupwise
6.5.6
novellgroupwise
6.5.7
novellgroupwise
7.0
novellgroupwise
7.0.1
novellgroupwise
7.0.2
novellgroupwise
7.0.3
novellgroupwise
7.0.4
novellgroupwise
8.0
novellgroupwise
8.0.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.facebook.com/note.php?note_id=477865030928
http://www.novell.com/support/viewContent.do?externalId=7007159&sliceId=1
http://zerodayinitiative.com/advisories/ZDI-10-247/
https://bugzilla.novell.com/show_bug.cgi?id=627942
http://www.facebook.com/note.php?note_id=477865030928
http://www.novell.com/support/viewContent.do?externalId=7007159&sliceId=1
http://zerodayinitiative.com/advisories/ZDI-10-247/
https://bugzilla.novell.com/show_bug.cgi?id=627942