Lucene search

[email protected]CVE-2010-4714

HistoryOct 03, 2022 - 4:21 p.m.

CVE-2010-4714

2022-10-0316:21:06

CWE-119

[email protected]

web.nvd.nist.gov

cve-2010-4714

novell groupwise

buffer overflow

remote code execution

nvd

security vulnerability

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

8 High

AI Score

Confidence

Low

0.043 Low

EPSS

Percentile

92.4%

JSON

Multiple stack-based buffer overflows in Novell GroupWise before 8.02HP allow remote attackers to execute arbitrary code via a long HTTP Host header to (1) gwpoa.exe in the Post Office Agent, (2) gwmta.exe in the Message Transfer Agent, (3) gwia.exe in the Internet Agent, (4) the WebAccess Agent, or (5) the Monitor Agent.

Affected configurations

NVD

Node

novellgroupwiseRange≤8.0.2

novellgroupwiseMatch4.1

novellgroupwiseMatch4.1a

novellgroupwiseMatch5.0

novellgroupwiseMatch5.1

novellgroupwiseMatch5.2

novellgroupwiseMatch5.5

novellgroupwiseMatch5.5enhancement_pack

novellgroupwiseMatch5.57e

novellgroupwiseMatch6.0

novellgroupwiseMatch6.0sp1

novellgroupwiseMatch6.0sp5

novellgroupwiseMatch6.0.1sp1

novellgroupwiseMatch6.5

novellgroupwiseMatch6.5sp1

novellgroupwiseMatch6.5sp2

novellgroupwiseMatch6.5sp3

novellgroupwiseMatch6.5sp4

novellgroupwiseMatch6.5sp5

novellgroupwiseMatch6.5sp6

novellgroupwiseMatch6.5.2

novellgroupwiseMatch6.5.3

novellgroupwiseMatch6.5.4

novellgroupwiseMatch6.5.6

novellgroupwiseMatch6.5.7

novellgroupwiseMatch7.0

novellgroupwiseMatch7.0.1

novellgroupwiseMatch7.0.2

novellgroupwiseMatch7.0.3

novellgroupwiseMatch7.0.4

novellgroupwiseMatch8.0

novellgroupwiseMatch8.0.1

CPENameOperatorVersion
novell:groupwisenovell groupwisele8.0.2
novell:groupwisenovell groupwiseeq4.1
novell:groupwisenovell groupwiseeq4.1a
novell:groupwisenovell groupwiseeq5.0
novell:groupwisenovell groupwiseeq5.1
novell:groupwisenovell groupwiseeq5.2
novell:groupwisenovell groupwiseeq5.5
novell:groupwisenovell groupwiseeq5.57e
novell:groupwisenovell groupwiseeq6.0
novell:groupwisenovell groupwiseeq6.0.1

CPE	Name	Operator	Version
novell:groupwise	novell groupwise	le	8.0.2
novell:groupwise	novell groupwise	eq	4.1
novell:groupwise	novell groupwise	eq	4.1a
novell:groupwise	novell groupwise	eq	5.0
novell:groupwise	novell groupwise	eq	5.1
novell:groupwise	novell groupwise	eq	5.2
novell:groupwise	novell groupwise	eq	5.5
novell:groupwise	novell groupwise	eq	5.57e
novell:groupwise	novell groupwise	eq	6.0
novell:groupwise	novell groupwise	eq	6.0.1

Rows per page:

1-10 of 231

References

www.facebook.com/note.php?note_id=477865030928

www.novell.com/support/viewContent.do?externalId=7007159&sliceId=1

zerodayinitiative.com/advisories/ZDI-10-247/

bugzilla.novell.com/show_bug.cgi?id=627942

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

8 High

AI Score

Confidence

Low

0.043 Low

EPSS

Percentile

92.4%

JSON

Related for CVE-2010-4714

cvelist1 prion1 nvd1 nessus1