[ISN] Novell Patches Security Hole In GroupWise Server

From: InfoSec News (isnat_private)
Date: Wed Oct 17 2001 - 01:15:43 PDT

Next message: InfoSec News: "[ISN] New hackers wreak havoc"

Previous message: William Knowles: "[ISN] Cellphones versus box-cutters"
Next in thread: InfoSec News: "[ISN] Novell Patches Security Hole In GroupWise Server"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

http://www.newsbytes.com/news/01/171160.html

By Steven Bonisteel, Newsbytes
PROVO, UTAH, U.S.A.,
16 Oct 2001, 7:45 AM CST
 
Novell Inc. [NASDAQ:NOVL] is urging users of its GroupWise software
for messaging and collaboration to patch a security hole that could
allow an intruder to view any file on a GroupWise server via the
application's Web interface.

The problem is found in the WebAccess system of the GroupWise 5.5
Enhancement Pack and in the most-recent GroupWise 6 release, Novell
said.
 
However, since GroupWise, like the competing Microsoft Exchange
server, is most often found behind the firewalls of corporate
intranets, those who might exploit the security hole are most likely
to come from a company's own disgruntled ranks.

Discovered by Irvine, Calif., security company Foundstone, the
GroupWise vulnerability is found in its script-driven interface for
user access to e-mail and communal collaboration tools.

Foundstone first discovered that supplying an invalid command to the
GroupWise program Novell calls "webacc" will cause the server to
reveal the full path to the directory in which the GroupWise system is
installed.

In addition, an unauthorized individual can view files anywhere on the
server by passing to webacc a relative path to target file and the
file name, followed by a specially encoded null character.

In an advisory on its GroupWise support site, Novell pointed out that
an attacker would have to know the exact location and name of the file
he or she wanted to view.

However, Foundstone suggested that the system's willingness to divulge
its own installation directories would make it easier for a savvy
hacker to find the GroupWise configuration files as well as any
well-known system files that may be installed on the same logical
drive.

Novell has additional information and a patch for the problem online
here: http://www.novell.com/products/groupwise

Foundstone can be found here: http://www.foundstone.com



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY
of the mail.

Next message: InfoSec News: "[ISN] New hackers wreak havoc"
Previous message: William Knowles: "[ISN] Cellphones versus box-cutters"
Next in thread: InfoSec News: "[ISN] Novell Patches Security Hole In GroupWise Server"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Wed Oct 17 2001 - 06:56:31 PDT