CVE-2009-0410

2009-02-0319:30:00

CWE-119

mitre

web.nvd.nist.gov

cve-2009-0410

groupwise

smtp

daemon

remote code execution

buffer overflow

nvd

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.8

Confidence

Low

EPSS

0.931

Percentile

99.1%

JSON

Off-by-one error in the SMTP daemon in GroupWise Internet Agent (GWIA) in Novell GroupWise 6.5x, 7.0, 7.01, 7.02, 7.03, 7.03HP1a, and 8.0 allows remote attackers to execute arbitrary code via a long e-mail address in a malformed RCPT command, leading to a buffer overflow.

Affected configurations

Nvd

Node

novellgroupwiseMatch6.5

novellgroupwiseMatch7.0

novellgroupwiseMatch7.01

novellgroupwiseMatch7.02x

novellgroupwiseMatch7.03

novellgroupwiseMatch7.03hp1a

novellgroupwiseMatch8.0

VendorProductVersionCPE
novellgroupwise6.5cpe:2.3:a:novell:groupwise:6.5:*:*:*:*:*:*:*
novellgroupwise7.0cpe:2.3:a:novell:groupwise:7.0:*:*:*:*:*:*:*
novellgroupwise7.01cpe:2.3:a:novell:groupwise:7.01:*:*:*:*:*:*:*
novellgroupwise7.02xcpe:2.3:a:novell:groupwise:7.02x:*:*:*:*:*:*:*
novellgroupwise7.03cpe:2.3:a:novell:groupwise:7.03:*:*:*:*:*:*:*
novellgroupwise7.03cpe:2.3:a:novell:groupwise:7.03:hp1a:*:*:*:*:*:*
novellgroupwise8.0cpe:2.3:a:novell:groupwise:8.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
novell	groupwise	6.5	cpe:2.3:a:novell:groupwise:6.5:::::::*
novell	groupwise	7.0	cpe:2.3:a:novell:groupwise:7.0:::::::*
novell	groupwise	7.01	cpe:2.3:a:novell:groupwise:7.01:::::::*
novell	groupwise	7.02x	cpe:2.3:a:novell:groupwise:7.02x:::::::*
novell	groupwise	7.03	cpe:2.3:a:novell:groupwise:7.03:::::::*
novell	groupwise	7.03	cpe:2.3:a:novell:groupwise:7.03:hp1a::::::
novell	groupwise	8.0	cpe:2.3:a:novell:groupwise:8.0:::::::*