Re: [ISR] - Novell GroupWise Client Integer Overflow

["Crist J. Clark" <cristjc () comcast net>]

On Tue, Sep 27, 2005 at 10:57:57AM -0300, Francisco Amato wrote:
[snip]

> .:: DESCRIPTION 
>
> This issue is due to a failure of the application to securely parse the
> saved port number of the last authentication store in windows register. 
>
> To reproduce this, we have to modify the default register key of
> HKEY_CURRENT_USER\Software\Novell\GroupWise\Login Parameters\TCP/IP Port 

This is obviously a bug, but why is this a security vulnerability?
Does the GroupWise client run with elevated privileges?
-- 
Crist J. Clark                     |     cjclark () alum mit edu