CPNI - Centre for the Protection of National Infrastructure


July 2007

3286 - Novell Groupwise Mobile Server

ID: 3286
Date: 30 July 2007 15:21

Title: 3286 - Novell Groupwise Mobile Server
Abstract: This patch is for a security issue found in GMS 1.0. This patch can update either GMS 1.0 or GMS 1.0 DST code.
Vendors affected: Novell
Applications affected: Novell GroupWise Mobile Server powered by Intellisync
Warning Status: Imminent
Availability of fix: Available
Type of fix: Patch
Source: Novell
Reliability of source: Known
Source URL: http://download.novell.com/Download?buildid=dJRKYml8TU4~

GroupWise Mobile Server 1.0 HP1 1.0 HP1

This document (5005120) is provided subject to the disclaimer at the end of this document.

readme

Revision: 1
Distribution Type: Public
http://download.novell.com/Download?buildid=dJRKYml8TU4~

abstract
This patch is for a security issue found in GMS 1.0. This patch can update either GMS 1.0 or GMS 1.0 DST code. Please see the installation instructions for information on applying the patch.

details
Details have been taken from the following URL, which addresses issues with the GMS 1.0 release:

http://www.sec-consult.com/289.html

* Some ASP scripts under /usrmgr/ list all configured users including
the mail server address with userid (but no password).

* Furthermore it is possible to deactivate all users and deny access
to the system.

* Some ASP scripts are vulnerable to cross site scripting attacks.

An attacker does not need to be authenticated to perform those attacks!

To apply the patch, do the following:

1) Download the file gms10hp1.exe and place it in an empty directory.
2) Execute the file and when prompted, extract the file into the same empty directory.
3) Copy the files under the www directory in the extracted files to \www, overwriting the previous version of the files that are there.

It is not necessary to stop and restart the server--the changes take effect immediately.

Additional steps to take:

Remove the files /usrmgr/userList.asp and /usrmgr/userStatusList.asp, as well as the rest of the contents of the \www\usrmgr directory.
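
A post-patch check for the steps above, as an added example that is not part of the Novell readme: it confirms the download matches the size listed under file contents, that every file from the extracted www directory is live on the server, and that usrmgr holds no files. The function name, the messages and both directory arguments are assumptions; the server's www path is site-specific and must be supplied.

```python
import sys
from pathlib import Path

PATCH_NAME = "gms10hp1.exe"
PATCH_SIZE = 105077  # bytes, as listed in the readme's file contents


def _files(root):
    """All regular files below root, in a stable order."""
    return sorted(p for p in root.rglob("*") if p.is_file())


def audit_patch(download_dir, www_root):
    """Return findings; an empty list means every readme step is complete."""
    download_dir, www_root = Path(download_dir), Path(www_root)
    findings = []
    # Steps 1-2: the downloaded archive is present and has the published size
    exe = download_dir / PATCH_NAME
    if not exe.is_file():
        findings.append(f"{PATCH_NAME} not found")
    elif exe.stat().st_size != PATCH_SIZE:
        findings.append(f"{PATCH_NAME} size {exe.stat().st_size} != {PATCH_SIZE}")
    # Step 3: each extracted file must be live on the server, byte for byte
    patch_www = download_dir / "www"
    if not patch_www.is_dir():
        findings.append("extracted www directory not found")
    else:
        for src in _files(patch_www):
            rel = src.relative_to(patch_www)
            if rel.parts[0].lower() == "usrmgr":
                continue  # usrmgr is emptied afterwards, so nothing is expected there
            live = www_root / rel
            if not live.is_file():
                findings.append(f"missing: {rel.as_posix()}")
            elif live.read_bytes() != src.read_bytes():
                findings.append(f"not updated: {rel.as_posix()}")
    # Additional step: no file may remain anywhere under www\usrmgr
    usrmgr = www_root / "usrmgr"
    if usrmgr.is_dir():
        for left in _files(usrmgr):
            findings.append(f"still present: {left.relative_to(www_root).as_posix()}")
    return findings


if __name__ == "__main__":
    # Arguments: <directory with gms10hp1.exe and extracted files> <live www directory>
    problems = audit_patch(sys.argv[1], sys.argv[2])
    print("\n".join(problems) or "patch steps verified")
    sys.exit(1 if problems else 0)
```

A non-zero exit status makes the check usable from a scheduled task, so a later restore or reinstall that brings the usrmgr scripts back is noticed.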

security fixes
Reported as CVE-2007-2592, this vulnerability was discovered by Johannes Greil, SEC Consult (www.sec-consult.com).

change log
Nokia defect # 66580 - GMS 1.x has a cross site scripting vulnerability, reported in the press
- fixed in \create_account.asp, \pda\dev_logon.asp

file contents
Files Included Size Date
gms10hp1.exe 102.6 KB (105077) 2007-07-02 09:30:34
readme_5005120.html N/A 2007-07-20 12:24:31

superseded patches
This patch does not supersede any other patches.

document
Document ID: 5005120
Creation Date: 2007-07-20 12:24:30

disclaimer
The Origin of this information may be internal or external to Novell. Novell makes all reasonable efforts to verify this information. However, the information provided in this document is for your information only. Novell makes no explicit or implied claims to the validity of this information. Any trademarks referenced in this document are the property of their respective owners. Consult your product manuals for complete trademark information.

Novell is a registered trademark of Novell, Inc. in the United States and other countries. SUSE is a registered trademark of SUSE Linux AG, a Novell business. *All third-party trademarks are the property of their respective owners.

© 2007 Novell, Inc. All Rights Reserved.

This advisory contains information released by the original author. Some of the information may have changed since it was released. If the issue affects you, it may be prudent to retrieve the advisory from the site of the original source to ensure that you receive the most current information concerning that problem. Reference to any specific commercial product, process, or service by trade name, trademark manufacturer, or otherwise, does not constitute or imply its endorsement, recommendation, or favouring by CPNI.

The views and opinions of authors expressed within this notice shall not be used for advertising or product endorsement purposes. CPNI shall not accept responsibility for any errors or omissions contained within this advisory. In particular, they shall not be liable for any loss or damage whatsoever, arising from or in connection with the usage of information contained within this advisory.

CSIRTUK is a member of the Forum of Incident Response and Security Teams (FIRST) and has contacts with other international Incident Response Teams (IRTs) in order to foster cooperation and coordination in incident prevention, to prompt rapid reaction to incidents, and to promote information sharing amongst its members and the community at large.
