Lucene search

[email protected]CVE-2007-2171

HistoryApr 24, 2007 - 8:19 p.m.

CVE-2007-2171

2007-04-2420:19:00

[email protected]

web.nvd.nist.gov

cve-2007-2171

buffer overflow

base64_decode

novell groupwise

gw webaccess

nvd

remote code execution

http basic authentication

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.8 High

AI Score

Confidence

Low

0.946 High

EPSS

Percentile

99.3%

JSON

Stack-based buffer overflow in the base64_decode function in GWINTER.exe in Novell GroupWise (GW) WebAccess before 7.0 SP2 allows remote attackers to execute arbitrary code via long base64 content in an HTTP Basic Authentication request.

Affected configurations

NVD

Node

novellgroupwiseMatch7.0

novellgroupwiseMatch7.0sp1

CPENameOperatorVersion
novell:groupwisenovell groupwiseeq7.0

CPE	Name	Operator	Version
novell:groupwise	novell groupwise	eq	7.0

References

download.novell.com/Download?buildid=8RF83go0nZg~

download.novell.com/Download?buildid=O9ucpbS1bK0~

secunia.com/advisories/24944

securityreason.com/securityalert/2610

www.securityfocus.com/archive/1/466212/100/0/threaded

www.securityfocus.com/bid/23556

www.securitytracker.com/id?1017932

www.vupen.com/english/advisories/2007/1455

www.zerodayinitiative.com/advisories/ZDI-07-015.html

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.8 High

AI Score

Confidence

Low

0.946 High

EPSS

Percentile

99.3%

JSON

Related for CVE-2007-2171

saint4 canvas1 checkpoint_advisories1 nessus1 securityvulns2 prion1 cvelist1 nvd1 zdi1