Bugtraq mailing list archives

Novell GroupWise 5.5 Enhancement Pack Web Access Denial of Servic e

From: agray () NOVACOAST COM (Adam Gray)
Date: Mon, 7 Feb 2000 17:06:07 -0800


Discussion
There is a DOS attack that can be run against Novell GroupWise Web Access
5.5 Enhancement Pack. The Java Server is possible to crash with a long
character string sent to the servlet gateway using a web browser. This DOS
can cause the Netscape web server to abend, the Java.nlm to take all of the
processor utilization, or the post office can simple stop responding. This
DOS attack will kill any active GroupWise based connections to the GroupWise
server. The server typically requires a reboot to fix the problem. This bug
has been confirmed by Novell with instruction from novacoast.

Exploit
<A HREF="http://servername/servlet/<garbage">http://servername/servlet/<garbage</A> string of characters 200 or more>

Solution
GroupWise Enhancement Pack 5.5 Sp1
This patch is still in beta. It should be released in the next few weeks. It
can be obtained by contacting Novell Technical Support

Adam Gray
Vice President Technology
novacoast
agray () novacoast com
805-568-0171

Current thread:

Re: Bypass Virus Checking, (continued)
- - Re: Bypass Virus Checking Vladimir Dubrovin (Feb 02)
- Re: Bypass Virus Checking Brock Sides (Feb 01)
- Re: Bypass Virus Checking salme () US IBM COM (Feb 01)
  - Fwd: CERT Advisory CA-2000-02 Shockro () AOL COM (Feb 02)
    - Re: Fwd: CERT Advisory CA-2000-02 fury (Feb 03)
    - Re: Fwd: CERT Advisory CA-2000-02 Ari Gordon-Schlosberg (Feb 03)
    - Re: Fwd: CERT Advisory CA-2000-02 Marc Slemko (Feb 03)
    - Re: Fwd: CERT Advisory CA-2000-02 Henrik Nordstrom (Feb 05)
    - Re: Fwd: CERT Advisory CA-2000-02 Byron Alley (Feb 07)
    - Re: Fwd: CERT Advisory CA-2000-02 Len Budney (Feb 08)
    - Novell GroupWise 5.5 Enhancement Pack Web Access Denial of Servic e Adam Gray (Feb 07)
    - Re: Fwd: CERT Advisory CA-2000-02 Henri Torgemane (Feb 03)
    - recent 'cross site scripting' CERT advisory Tim Hollebeek (Feb 04)
    - Re: recent 'cross site scripting' CERT advisory Marc Slemko (Feb 05)
    - Re: recent 'cross site scripting' CERT advisory Manuel Martin (Feb 08)
    - Novell BorderManager 3.5 Remote Slow Death Chicken Man (Feb 08)
    - Re: Novell BorderManager 3.5 Remote Slow Death Ron van Daal (Feb 09)
    - Re: Novell BorderManager 3.5 Remote Slow Death Puchatek (Feb 11)
    - Re: recent 'cross site scripting' CERT advisory Bill Thompson (Feb 06)
    - Re: recent 'cross site scripting' CERT advisory Ari Gordon-Schlosberg (Feb 07)
    - Re: recent 'cross site scripting' CERT advisory Taneli Huuskonen (Feb 07)

(Thread continues...)