Information Security News
mailing list archives
Novell Patches Security Hole In GroupWise Server
From: InfoSec News <isn () c4i org>
Date: Wed, 17 Oct 2001 03:15:43 -0500 (CDT)
By Steven Bonisteel, Newsbytes
PROVO, UTAH, U.S.A.,
16 Oct 2001, 7:45 AM CST
Novell Inc. [NASDAQ:NOVL] is urging users of its GroupWise software
for messaging and collaboration to patch a security hole that could
allow an intruder to view any file on a GroupWise server via the
application's Web interface.
The problem is found in the WebAccess system of the GroupWise 5.5
Enhancement Pack and in the most-recent GroupWise 6 release, Novell
However, since GroupWise, like the competing Microsoft Exchange
server, is most often found behind the firewalls of corporate
intranets, those who might exploit the security hole are most likely
to come from a company's own disgruntled ranks.
Discovered by Irvine, Calif., security company Foundstone, the
GroupWise vulnerability is found in its script-driven interface for
user access to e-mail and communal collaboration tools.
Foundstone first discovered that supplying an invalid command to the
GroupWise program Novell calls "webacc" will cause the server to
reveal the full path to the directory in which the GroupWise system is
In addition, an unauthorized individual can view files anywhere on the
server by passing to webacc a relative path to target file and the
file name, followed by a specially encoded null character.
In an advisory on its GroupWise support site, Novell pointed out that
an attacker would have to know the exact location and name of the file
he or she wanted to view.
However, Foundstone suggested that the system's willingness to divulge
its own installation directories would make it easier for a savvy
hacker to find the GroupWise configuration files as well as any
well-known system files that may be installed on the same logical
Novell has additional information and a patch for the problem online
Foundstone can be found here: http://www.foundstone.com
ISN is currently hosted by Attrition.org
To unsubscribe email majordomo () attrition org with 'unsubscribe isn' in the BODY
of the mail.
- Novell Patches Security Hole In GroupWise Server InfoSec News (Oct 17)