GroupWise Messenger 2.0 Accept Language Buffer Overflow

  • 10100861
  • NOVL105592
  • 04-Apr-2006
  • 18-Apr-2006

Fact

Novell GroupWise Messenger 2.0

Symptom

GroupWise Messenger 2.0 Accept Language Buffer Overflow

If the "accept-language" token is greater than 16 characters without any commas or semicolons, a stack overflow will result.

Note

Vulnerability discovered by TippingPoint Zero Day Initiative.

This vulnerability has been assigned the identifier CVE-CAN-0992  by the CVE database.

Fix

The fix is now available with GroupWise Messenger 2.0 Public Beta 2 available from http://novell.com/beta via the GroupWise 7 Support Pack 1 Beta 2.  This fix will also be included in the shipping release of Messenger 2.0 SP1 tentatively scheduled for the end of May 2006.

The Messenger Agent needs to be patched.  The Messenger Client can be updated later, but is not required.