CVE-2010-4714

Published Jan 31, 2011

Last updated 14 years ago

Overview

Description: Multiple stack-based buffer overflows in Novell GroupWise before 8.02HP allow remote attackers to execute arbitrary code via a long HTTP Host header to (1) gwpoa.exe in the Post Office Agent, (2) gwmta.exe in the Message Transfer Agent, (3) gwia.exe in the Internet Agent, (4) the WebAccess Agent, or (5) the Monitor Agent.
Source: cve@mitre.org
NVD status: Analyzed

Risk scores

CVSS 2.0

Type: Primary
Base score: 10
Impact score: 10
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:C/I:C/A:C

Weaknesses

nvd@nist.gov: CWE-119

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:novell:groupwise:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "362E8654-A9E0-493C-B644-BBA65D6F0825",
            "versionEndIncluding": "8.0.2"
          },
          {
            "criteria": "cpe:2.3:a:novell:groupwise:4.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7C213746-F174-424F-9647-CDB4FD9C82BA"
          },
          {
            "criteria": "cpe:2.3:a:novell:groupwise:4.1a:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "627E9BD8-E3F1-4832-BE7C-3BDCBE4FD4B8"
          },
          {
            "criteria": "cpe:2.3:a:novell:groupwise:5.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9480376B-F221-44A7-B713-98661A63E50D"
          },
          {
            "criteria": "cpe:2.3:a:novell:groupwise:5.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B355614B-E3EF-478F-80F6-7AB5BFB5D923"
          },
          {
            "criteria": "cpe:2.3:a:novell:groupwise:5.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "22426725-2204-4750-87F6-A57BA727F213"
          },
          {
            "criteria": "cpe:2.3:a:novell:groupwise:5.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A61E70C4-FE03-42AA-9F9B-C8DEB3E12F34"
          },
          {
            "criteria": "cpe:2.3:a:novell:groupwise:5.5:*:enhancement_pack:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E7F809F7-C72F-4869-BE95-EE8BF5F0E111"
          },
          {
            "criteria": "cpe:2.3:a:novell:groupwise:5.57e:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "125275B0-EBBB-491B-BBBA-434CBAF02DB9"
          },
          {
            "criteria": "cpe:2.3:a:novell:groupwise:6.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "194704B6-4820-4398-8906-A1E529ED65AF"
          },
          {
            "criteria": "cpe:2.3:a:novell:groupwise:6.0:sp1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5E0DC694-0DEB-41DE-8A0D-9B649FC2F220"
          },
          {
            "criteria": "cpe:2.3:a:novell:groupwise:6.0:sp5:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2B7AE069-1CEC-4818-9582-743ADE5AFCB6"
          },
          {
            "criteria": "cpe:2.3:a:novell:groupwise:6.0.1:sp1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E9A8D9A3-2369-4B08-8A73-2A66EFEB26E1"
          },
          {
            "criteria": "cpe:2.3:a:novell:groupwise:6.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2AD18143-9962-4C0D-AD3D-66C0CF3FB5D0"
          },
          {
            "criteria": "cpe:2.3:a:novell:groupwise:6.5:sp1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "08A78BE7-6426-41CD-BBAF-9BB951726D33"
          },
          {
            "criteria": "cpe:2.3:a:novell:groupwise:6.5:sp2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E50599E1-45E5-443F-AAEC-F91778CA4792"
          },
          {
            "criteria": "cpe:2.3:a:novell:groupwise:6.5:sp3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F0BB62B7-C895-4AB6-9CEB-4B312E334953"
          },
          {
            "criteria": "cpe:2.3:a:novell:groupwise:6.5:sp4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A91EAC4C-8EEE-4050-B1AD-E677AD90327D"
          },
          {
            "criteria": "cpe:2.3:a:novell:groupwise:6.5:sp5:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C7F65030-60A2-4EC2-A06D-EC5249FD9FA5"
          },
          {
            "criteria": "cpe:2.3:a:novell:groupwise:6.5:sp6:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8CB8A6AD-94E4-4871-9BCA-EC637161E70D"
          },
          {
            "criteria": "cpe:2.3:a:novell:groupwise:6.5.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "814CAE15-78D8-4205-AC95-E07385A7B3DB"
          },
          {
            "criteria": "cpe:2.3:a:novell:groupwise:6.5.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "251EAE31-9799-453A-ABF7-F3D1C6602A81"
          },
          {
            "criteria": "cpe:2.3:a:novell:groupwise:6.5.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "32AFA45E-7EA4-4067-BDB5-AB4391B3FE65"
          },
          {
            "criteria": "cpe:2.3:a:novell:groupwise:6.5.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5B8BA202-8147-4837-8C14-C7A60E70EFEE"
          },
          {
            "criteria": "cpe:2.3:a:novell:groupwise:6.5.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3D61CB70-5B89-4D12-AA31-9C4BF9A41813"
          },
          {
            "criteria": "cpe:2.3:a:novell:groupwise:7.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FE640E9A-762B-4AF4-8677-818CBF16EA4E"
          },
          {
            "criteria": "cpe:2.3:a:novell:groupwise:7.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "79FC1678-FAE8-4C2E-AF5B-911569DB1E80"
          },
          {
            "criteria": "cpe:2.3:a:novell:groupwise:7.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DD0AA3F3-6BE4-4CCC-838F-E8BD1F06590B"
          },
          {
            "criteria": "cpe:2.3:a:novell:groupwise:7.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0D3BCF9F-9CDA-4DFD-AC39-2624BCFAAD96"
          },
          {
            "criteria": "cpe:2.3:a:novell:groupwise:7.0.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8897DB73-D299-41C8-B4E5-441A6D99F47C"
          },
          {
            "criteria": "cpe:2.3:a:novell:groupwise:8.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C52E2ABC-20AE-437A-83B0-2E0753787FB5"
          },
          {
            "criteria": "cpe:2.3:a:novell:groupwise:8.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E1B3A28C-0A95-4470-9EDA-B87B40E88D0C"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References