Security Vulnerability - GroupWise Internet Agent (GWIA) Denial-of-Service (DoS) Issue

  • 7006378
  • 30-Jun-2010
  • 26-Apr-2012


Novell GroupWise 8
Novell GroupWise 8 Internet Agent
GroupWise 8.0x up to (and including) 8.02HP2


The Novell GroupWise Internet Agent (GWIA) is vulnerable to a DoS exploit whereby an attacker could potentially cause the application to crash by inputting certain data.

This vulnerability was discovered and reported by James Ogden - Salford Software (

CVE-2011-2218, CVE-2011-2219


To resolve this issue, apply GroupWise 8.0 Hot Patch 3 (HP3) or later.
Previous versions of GroupWise are likely also vulnerable but are no longer supported. Customers on earlier versions of GroupWise should, at a minimum, upgrade their GWIAs and associated Domains to version 8.02HP3 in order to secure their system.


Security Alert

Bug Number