Multiple buffer overflows in the Internet Agent (aka GWIA) component in Novell GroupWise 7.x before 7.03 HP3 and 8.x before 8.0 HP2 allow remote attackers to execute arbitrary code via (1) a crafted e-mail address in an SMTP session or (2) an SMTP command.
osvdb.org/54644
osvdb.org/54645
secunia.com/advisories/35177
www.novell.com/support/viewContent.do?externalId=7003272&sliceId=1
www.novell.com/support/viewContent.do?externalId=7003273&sliceId=1
www.securityfocus.com/archive/1/503724/100/0/threaded
www.securityfocus.com/bid/35064
www.securityfocus.com/bid/35065
www.securitytracker.com/id?1022276
www.vupen.com/english/advisories/2009/1393
www.vupen.com/exploits/Novell_GroupWise_GWIA_Email_Address_Remote_Buffer_Overflow_Exploit_1393141.php
www.vupen.com/exploits/Novell_GroupWise_GWIA_SMTP_Command_Remote_Buffer_Overflow_PoC_Exploit_1393140.php
bugzilla.novell.com/show_bug.cgi?id=478892
bugzilla.novell.com/show_bug.cgi?id=482914
exchange.xforce.ibmcloud.com/vulnerabilities/50692
exchange.xforce.ibmcloud.com/vulnerabilities/50693