APP: Novell Messenger Server
This signature detects attempts to exploit a known vulnerability against the Novell Messenger Server. A successful attack can lead to arbitrary remote code execution within the context of the service. Exploit code for this vulnerability is available from CORE Security.
Extended Description
Novell GroupWise Messenger is prone to a remote buffer-overflow vulnerability. The vulnerability affects the Novell Messaging Agent component and arises when the server handles an 'Accept-Language' header containing excessive data. A successful attack may lead to arbitrary code execution in the context of SYSTEM or superuser. Novell GroupWise Messenger 2.0 is vulnerable to this issue.
Affected Products
Novell groupwise_messenger
Short Name
APP:NOVELL:MESSENGER-SERVER-BOF
Severity
Critical
Recommended
False
Recommended Action
Drop
Category
APP
Keywords
CVE-2006-0992 Messenger Novell Server bid:17503
Release Date
05/05/2006
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3727
Port
TCP/8300
False Positive
Unknown
Vendors
Novell
CVSS Score
10.0