NEOHAPSIS - Peace of Mind Through Integrity and Insight

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > InfoSec News> 2001-q4

[ISN] Novell Patches Security Hole In GroupWise Server

From: InfoSec News (isnc4i.org)
Date: Wed Oct 17 2001 - 03:15:43 CDT

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

http://www.newsbytes.com/news/01/171160.html

By Steven Bonisteel, Newsbytes
PROVO, UTAH, U.S.A.,
16 Oct 2001, 7:45 AM CST

Novell Inc. [NASDAQ:NOVL] is urging users of its GroupWise software
for messaging and collaboration to patch a security hole that could
allow an intruder to view any file on a GroupWise server via the
application's Web interface.

The problem is found in the WebAccess system of the GroupWise 5.5
Enhancement Pack and in the most-recent GroupWise 6 release, Novell
said.

However, since GroupWise, like the competing Microsoft Exchange
server, is most often found behind the firewalls of corporate
intranets, those who might exploit the security hole are most likely
to come from a company's own disgruntled ranks.

Discovered by Irvine, Calif., security company Foundstone, the
GroupWise vulnerability is found in its script-driven interface for
user access to e-mail and communal collaboration tools.

Foundstone first discovered that supplying an invalid command to the
GroupWise program Novell calls "webacc" will cause the server to
reveal the full path to the directory in which the GroupWise system is
installed.

In addition, an unauthorized individual can view files anywhere on the
server by passing to webacc a relative path to target file and the
file name, followed by a specially encoded null character.

In an advisory on its GroupWise support site, Novell pointed out that
an attacker would have to know the exact location and name of the file
he or she wanted to view.

However, Foundstone suggested that the system's willingness to divulge
its own installation directories would make it easier for a savvy
hacker to find the GroupWise configuration files as well as any
well-known system files that may be installed on the same logical
drive.

Novell has additional information and a patch for the problem online
here: http://www.novell.com/products/groupwise

Foundstone can be found here: http://www.foundstone.com

-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomoattrition.org with 'unsubscribe isn' in the BODY
of the mail.

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]