Signature Detail
Short Name |
APP:NOVELL:GWMGR-INFODISC |
|---|---|
Severity |
High |
Recommended |
No |
Recommended Action |
Drop |
Category |
APP |
Keywords |
Novell Groupwise Messenger Server Process Memory Information Disclosure |
Release Date |
2013/01/07 |
Update Number |
2222 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
APP: Novell Groupwise Messenger Server Process Memory Information Disclosure
This signature detects attempts to exploit a known vulnerability against Novell Messenger. A successful attack can lead to information disclosure. Attackers can exploit this issue to obtain sensitive information that may lead to further attacks.
Extended Description
Novell Messenger Server Process is prone to an information-disclosure vulnerability that lets attackers retrieve contents of arbitrary memory locations. An attacker can exploit this vulnerability to retrieve certain files from the vulnerable computer in the context of the webserver process. Information obtained may aid in further attacks.
Affected Products
- Novell GroupWise Messenger 2.0
- Novell GroupWise Messenger 2.0.2
- Novell GroupWise Messenger 2.0.3
- Novell Messenger 2.1
- Novell Messenger 2.2.0
References
- BugTraq: 50443
- CVE: CVE-2011-3179