CIS CYBER SECURITY ADVISORIES

MS-ISAC CYBER SECURITY ADVISORY NUMBER:
2012-048

DATE(S) ISSUED:
07/02/2012

SUBJECT:
Novell GroupWise is Prone to a Directory-Traversal Vulnerability

OVERVIEW:

A vulnerability has been discovered in Novell GroupWise that could allow an attacker to obtain sensitive information that could aid in further attacks. Novell GroupWise is a collaborative software product that includes email, calendars, instant messaging, and document management. Successful exploitation of this vulnerability could result in an attacker gaining access to files and directories in the context of the application.

SYSTEMS AFFECTED:

  • Novell GroupWise 8.0 Support Pack 2
  • Novell GroupWise 8.02 HP3
  • Novell GroupWise 8.02 HP2
  • Novell GroupWise 8.02 HP1
  • Novell GroupWise 8.02
  • Novell GroupWise 8.01x
  • Novell GroupWise 8.0 SP2
  • Novell GroupWise 8.0 SP1
  • Novell GroupWise 8.0 HP3
  • Novell GroupWise 8.0 HP2
  • Novell GroupWise 8.0 HP1
  • Novell GroupWise 8.0

RISK:

Government:

  • Large and medium government entities: High
  • Small government entities: High

Businesses:

  • Large and medium business entities: High
  • Small business entities: High

Home users: Low

DESCRIPTION:

A vulnerability has been discovered in Novell GroupWise that could allow an attacker to obtain sensitive information that could aid in further attacks. This vulnerability exists because the GroupWise WebAccess interface does not properly sanitize user-supplied input submitted in the User.interface parameter. To exploit this vulnerability, an attacker creates a specially crafted URL in which the User.interface parameter contains directory traversal sequences (such as ../, including URL-encoded forms), and submits it to the GroupWise WebAccess interface, for example from a web browser. No authentication is required beyond the ability to reach the WebAccess interface. Successful exploitation requires that the installed version of GroupWise is between 8.0x and 8.02 HP3 and that the targeted file is readable by the account under which the GroupWise WebAccess application runs.

Successful exploitation could result in unauthorized access to directories and files in the context of the application. An attacker could then use the information gathered (for example, configuration files containing credentials or internal host names) for further attacks.
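The following Python script is an added example; it is not part of the MS-ISAC advisory or of Novell's software. It scans web server log lines for the attack pattern described above: traversal sequences in the User.interface parameter of requests to WebAccess. It decodes the value repeatedly so that URL-encoded and double-encoded variants are not missed, and it also shows the allow-list check a server-side fix would apply to that parameter. The /gw/webacc path, the common-log-format layout, the log lines themselves and the set of "safe" interface names are assumptions constructed for the example.

```python
import re
from urllib.parse import parse_qs, unquote, urlsplit

# Constructed sample log lines (Apache-style common log format). Not real traffic;
# the /gw/webacc path is assumed for the WebAccess servlet.
SAMPLE_LOG = """\
10.0.0.5 - - [02/Jul/2012:10:15:01 -0400] "GET /gw/webacc?User.interface=frames HTTP/1.1" 200 5120
10.0.0.9 - - [02/Jul/2012:10:15:07 -0400] "GET /gw/webacc?User.interface=../../../../etc/passwd HTTP/1.1" 200 1834
10.0.0.9 - - [02/Jul/2012:10:15:09 -0400] "GET /gw/webacc?User.interface=..%2F..%2F..%2Fwebapps%2FWEB-INF%2Fweb.xml HTTP/1.1" 200 2210
10.0.0.9 - - [02/Jul/2012:10:15:12 -0400] "GET /gw/webacc?User.interface=%252e%252e%252f%252e%252e%252fetc%252fpasswd HTTP/1.1" 404 312
10.0.0.7 - - [02/Jul/2012:10:16:30 -0400] "GET /gw/webacc?User.id=jsmith&User.interface=simple HTTP/1.1" 200 4096
"""

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) \S+" (?P<status>\d{3})'
)

PARAM = "User.interface"

# Assumed allow-list shape: a legitimate interface name is a short bare token
# such as "frames" or "simple". Anything with path characters is rejected.
SAFE_VALUE = re.compile(r"^[A-Za-z0-9_-]{1,32}$")


def fully_decode(value, rounds=3):
    """Percent-decode until stable so double-encoded input (%252e%252e%252f) is normalised."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def is_traversal(value):
    """True if the decoded value contains a '..' path component or is an absolute path."""
    v = fully_decode(value).replace("\\", "/")
    return ".." in v.split("/") or v.startswith("/")


def validate_interface(value):
    """Server-side allow-list check: the hardened way to accept User.interface."""
    return SAFE_VALUE.fullmatch(fully_decode(value)) is not None


def scan_log(text):
    """Return (client ip, HTTP status, decoded value) for every traversal attempt found.

    A 200 response to a traversal request is the strongest indicator that the
    instance is unpatched; a 4xx suggests the request was refused.
    """
    hits = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        query = urlsplit(m.group("target")).query
        # parse_qs performs one round of decoding; fully_decode handles the rest.
        for value in parse_qs(query, keep_blank_values=True).get(PARAM, []):
            if is_traversal(value):
                hits.append((m.group("ip"), int(m.group("status")), fully_decode(value)))
    return hits


if __name__ == "__main__":
    for ip, status, value in scan_log(SAMPLE_LOG):
        print(f"{ip} status={status} {PARAM}={value!r}")
```

Run against the embedded sample, the script flags the three requests from 10.0.0.9 and ignores the legitimate "frames" and "simple" values; the same `is_traversal` and `validate_interface` logic can be dropped into a web application firewall rule or a request filter in front of an instance that cannot be patched immediately.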

RECOMMENDATIONS:
We recommend the following actions be taken:

  • Apply appropriate patches provided by Novell to vulnerable systems immediately after appropriate testing.
  • Run all software as a non-privileged user (one without administrative privileges) to diminish the effects of a successful attack; because the files an attacker can read are limited to those readable by the WebAccess service account, restricting that account's file system access directly limits the impact of this vulnerability.
  • Review web server logs for requests to the WebAccess interface whose User.interface parameter contains directory traversal sequences, including URL-encoded forms.

REFERENCES:

Novell:
http://www.novell.com/support/kb/doc.php?id=7000708

Security Focus:
http://www.securityfocus.com/bid/54253