SMTP: Multiple SMTP Header Buffer Overflow

This signature detects attempts to exploit a known vulnerability in the Multiple SMTP Header. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the targeted application.

Extended Description

Integer signedness error in GroupWise Internet Agent (GWIA) in Novell GroupWise 8.0 before HP3 allows remote attackers to execute arbitrary code via a negative BYWEEKNO property in a weekly RRULE variable in a VCALENDAR attachment in an e-mail message.

Affected Products

Novell groupwise

References

BugTraq: 44732 7419

CVE: CVE-2011-2662

Short Name
SMTP:MULTIPLE-HYD-BOF
Severity
Major
Recommended
False
Recommended Action
None
Category
SMTP
Keywords
Buffer CVE-2003-0113 CVE-2010-4715 CVE-2011-2662 CVE-2011-2663 Header Multiple Overflow SMTP bid:44732 bid:7419
Release Date
01/08/2013
Supported Platforms

srx-branch-19.3

vsrx3bsd-19.2

srx-19.4

vsrx3bsd-19.4

srx-branch-19.4

vsrx-19.4

vsrx-19.2

srx-19.3

srx-branch-12.3

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx-12.3

vmx-19.3

srx-12.3

Sigpack Version
3336
False Positive
Unknown
Vendors

Novell

CVSS Score

7.5

10.0

5.0

Found a potential security threat?