The GroupWise Internet Agent (GWIA) is vulnerable to an integer overflow exploit in the way it processes LDAP requests, which could potentially allow an unauthenticated remote attacker to execute arbitrary code on vulnerable installations of GWIA.
GroupWise 8.0x up to and including 8.02HP3
To resolve this vulnerability, apply GroupWise 8.0 Support Pack 3 (or later) or 2012 Support Pack 1.
Customers can also secure their system by disabling the LDAP service on their GroupWise Internet Agent (under the properties of the GWIA object, click the LDAP tab and uncheck the box for "Enable LDAP service")
This vulnerability was discovered and reported by Francis Provencher working with TippingPoint's Zero Day Initiative (http://www.zerodayinitiative.com), ZDI-CAN-1347
Novell bug 740041, CVE-2012-0417