Novell GroupWise Man In The Middle Vulnerability
BID:24258
Info
Novell GroupWise Man In The Middle Vulnerability
| Bugtraq ID: | 24258 |
| Class: | Design Error |
| CVE: |
CVE-2007-2513 |
| Remote: | Yes |
| Local: | No |
| Published: | May 31 2007 12:00AM |
| Updated: | Mar 13 2008 03:41AM |
| Credit: | Andreas Schmidt is credited with the discovery of this issue. |
| Vulnerable: |
Novell Groupwise 7.0 Novell Groupwise 6.5 SP6 Novell Groupwise 6.5 SP5 Novell Groupwise 6.5 SP4 Novell Groupwise 6.5 SP3 Novell Groupwise 6.5 SP2 Novell Groupwise 6.5 SP1 Novell Groupwise 6.5 Novell Groupwise 7.0.0 SP1 |
| Not Vulnerable: |
Novell Groupwise 6.5 Post SP6 Novell Groupwise 7.0.0 SP2 |
Discussion
Novell GroupWise Man In The Middle Vulnerability
Novell GroupWise is prone to a man-in-the-middle vulnerability. This issue stems from a design error in the affected application.
An attacker may exploit this issue to access sensitive contents of encrypted network traffic, such as authentication credentials. This may lead to other attacks.
Versions of Novell GroupWise prior to 6.5 post-SP6 and 7 SP2 are vulnerable to this issue.
Novell GroupWise is prone to a man-in-the-middle vulnerability. This issue stems from a design error in the affected application.
An attacker may exploit this issue to access sensitive contents of encrypted network traffic, such as authentication credentials. This may lead to other attacks.
Versions of Novell GroupWise prior to 6.5 post-SP6 and 7 SP2 are vulnerable to this issue.
Exploit / POC
Novell GroupWise Man In The Middle Vulnerability
Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution / Fix
Novell GroupWise Man In The Middle Vulnerability
Solution:
The vendor has released updates to address this issue. Please contact the vendor for information on obtaining fixes.
Solution:
The vendor has released updates to address this issue. Please contact the vendor for information on obtaining fixes.
References
Novell GroupWise Man In The Middle Vulnerability
References:
References:
- GroupWise 7.0.2/6.5.7 Security Vulnerability (Novell)
- Novell GroupWise Homepage (Novell)