Novell Groupwise WebAccess buffer overflow updated since 20.04.2007
Published:		20.04.2007
Source:		BUGTRAQ
SecurityVulns ID:		7616
Type:		remote
Level:		6/10
Description:		Stack buffer overflow (stack overrun) during TCP/7205 TCP/7211 HTTP basic authentication on base64 decoding.

CVE:

CVE-2007-2171 (Stack-based buffer overflow in the base64_decode function in GWINTER.exe in Novell GroupWise (GW) WebAccess before 7.0 SP2 allows remote attackers to execute arbitrary code via long base64 content in an HTTP Basic Authentication request.)

Original document

ZDI, ZDI-07-015: Novell Groupwise WebAccess Base64 Decoding Stack Overflow Vulnerability (20.04.2007)

Discuss:

Read or add your comments to this news (0 comments)