"The version of GroupWise you are using cannot access this post office."

  • 3936366
  • 05-Mar-2008
  • 27-Apr-2012

Environment

Novell GroupWise 7
Novell SUSE Linux Enterprise Desktop 10 Support Pack 1

Situation

Clients will receive the following error when launching the GroupWise client that comes with
Novell SUSE Linux Enterprise Desktop 10 Support Pack 1 against Novell GroupWise 7 Support Pack 2 or newer post office.

Resolution

Novell SUSE Linux Enterprise Desktop 10 Support Pack 1 ships with the Novell GroupWise 7 Support Pack 2 HP 1a client novell-groupwise-gwclient-7.0.2-20070606.i586.rpm. This version contains a security fix which requires a POA of an equal or newer version to log into.
The standalone release of this client can be found at GroupWise 7.0.2 Hot Patch 1a Full Linux 702HP1a.
More info:
Vulnerability Explanation:
A security vulnerability in the GroupWise system that allows a malicious user to intercept authentication credentials through a'man in the middle' mechanism. All of the following OS's are affected: Server: NetWare, Linux, Windows Client: Windows, Linux, Macintosh.
Reported as CVE-2007-2513. This vulnerability was discovered by Andreas Schmidt, cirosec GmbH (http://www.cirosec.de).

Resolution:
Customers should immediately upgrade all GroupWise Clients, including the GroupWise Outlook Connector, and all GroupWise Agents, MTA, POA, GWIA & Webaccess to GroupWise 7 sp2 software dated May 24th, 2007 or newer. Additionally, lock out all GroupWise Clients older than May 24th, 2007 via ConsoleOne. If using the GroupWise Exchange Migration Utility, this must also be updated.

Feedback service temporarily unavailable. For content questions or problems, please contact Support.