Full Disclosure mailing list archives
Re: [ISR] - Novell GroupWise Client Integer Overflow
From: "Crist J. Clark" <cristjc () comcast net>
Date: Tue, 27 Sep 2005 12:51:42 -0700
On Tue, Sep 27, 2005 at 10:57:57AM -0300, Francisco Amato wrote: [snip]
.:: DESCRIPTION This issue is due to a failure of the application to securely parse the saved port number of the last authentication store in windows register. To reproduce this, we have to modify the default register key of HKEY_CURRENT_USER\Software\Novell\GroupWise\Login Parameters\TCP/IP Port
This is obviously a bug, but why is this a security vulnerability? Does the GroupWise client run with elevated privileges? -- Crist J. Clark | cjclark () alum mit edu _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- [ISR] - Novell GroupWise Client Integer Overflow Francisco Amato (Sep 27)
- Re: [ISR] - Novell GroupWise Client Integer Overflow Crist J. Clark (Sep 27)
- <Possible follow-ups>
- [ISR] - Novell GroupWise Client Integer Overflow famato (Sep 27)
- [ISR] - Novell GroupWise Client Integer Overflow famato (Sep 27)