CVE-2006-4511

Currently unrated

Key Information:

Vendor: Novell
Status: Groupwise Messenger
Vendor: CVE Published:; 5 October 2006

Summary

Messenger Agents (nmma.exe) in Novell GroupWise 2.0.2 and 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted HTTP POST request to TCP port 8300 with a modified val parameter, which triggers a null dereference related to "zero-size strings in blowfish routines."

References

http://www.vupen.com/english/advisories/2006/3893

vdb-entryx_refsource_VUPEN

http://www.idefense.com/intelligence/vulnerabilities/disp...

third-party-advisoryx_refsource_IDEFENSE

http://securitytracker.com/id?1016974

vdb-entryx_refsource_SECTRACK

EPSS Score

24% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Oct 5, 2006
Vulnerability Reserved
Aug 31, 2006

Collectors

NVD DatabaseMitre Database