APP: Novell Messenger Client Filename Parameter Stack Buffer Overflow

This signature detects attempts to exploit a known vulnerability in the Novell Messenger. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the server.

Extended Description

Stack-based buffer overflow in the nim: protocol handler in Novell GroupWise Messenger 2.04 and earlier, and Novell Messenger 2.1.x and 2.2.x before 2.2.2, allows remote attackers to execute arbitrary code via an import command containing a long string in the filename parameter.

Affected Products

Novell messenger

References

CVE: CVE-2013-1085

Short Name
APP:NOVELL:MESSENGER-BOF
Severity
Major
Recommended
False
Recommended Action
Drop
Category
APP
Keywords
Buffer CVE-2013-1085 Client Filename Messenger Novell Overflow Parameter Stack
Release Date
05/06/2013
Supported Platforms

srx-branch-19.3

vsrx3bsd-19.2

srx-19.4

vsrx3bsd-19.4

srx-branch-19.4

vsrx-19.4

vsrx-19.2

srx-19.3

srx-branch-12.3

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx-12.3

vmx-19.3

srx-12.3

Sigpack Version
3761
False Positive
Unknown
Vendors

Novell

CVSS Score

9.3

Found a potential security threat?