CVE-2008-2703

Novell GroupWise Messenger < 2.0.3 HP1 - Remote Code Execution via Spoofed Server Response

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 3 public exploits for CVE-2008-2703. PoCs published by Metasploit, Francisco Amato, including Metasploit module exploits/windows/novell/groupwisemessenger_client.

AI-analyzed exploit summary This Metasploit module exploits a stack buffer overflow in Novell GroupWise Messenger Client via a crafted HTTP response, allowing arbitrary code execution. It targets versions 1.0 and 2.0 with specific return addresses and includes payload handling for Windows platforms.

Description

Multiple stack-based buffer overflows in Novell GroupWise Messenger (GWIM) Client before 2.0.3 HP1 for Windows allow remote attackers to execute arbitrary code via "spoofed server responses" that contain a long string after the NM_A_SZ_TRANSACTION_ID field name.

Exploits (3)

exploitdb WORKING POC VERIFIED
by Metasploit · rubyremotewindows
https://www.exploit-db.com/exploits/16814

This Metasploit module exploits a stack buffer overflow in Novell GroupWise Messenger Client via a crafted HTTP response, allowing arbitrary code execution. It targets versions 1.0 and 2.0 with specific return addresses and includes payload handling for Windows platforms.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Novell GroupWise Messenger Client 1.0 and 2.0
No auth needed
Prerequisites: Network access to the target's GroupWise Messenger Client port (8300 by default)
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by Francisco Amato · perldosnovell
https://www.exploit-db.com/exploits/31889

This Perl script emulates a fake Novell GroupWise Messenger server to exploit a buffer overflow vulnerability (CVE-2008-2703) by sending a maliciously crafted response containing a large string of 'A' characters (5000 bytes) to trigger the overflow.

Classification
Working Poc 90%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Novell GroupWise Messenger versions prior to 2.0.3 HP1
No auth needed
Prerequisites: Network access to the target system · Target system running vulnerable Novell GroupWise Messenger
devstral-2 · analyzed Feb 16, 2026 Full analysis →
metasploit WORKING POC NORMAL
rubypocwin
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/novell/groupwisemessenger_client.rb

This Metasploit module exploits a stack buffer overflow in Novell GroupWise Messenger Client by sending a crafted HTTP response. It achieves remote code execution via a payload delivered through a malformed response.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Novell GroupWise Messenger Client 1.0, 2.0
No auth needed
Prerequisites: Network access to the target · Target must be running vulnerable GroupWise Messenger Client
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (7)

Core 7
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/29602
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/30576
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/42917
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id?1020209
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/493964/100/0/threaded
Vendor Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2008/1764/references

Scores

EPSS 0.6112
EPSS Percentile 99.0%

Details

CWE
CWE-119
Status published
Products (3)
novell/groupwise_messenger 2.0
novell/groupwise_messenger 2.0.2
novell/groupwise_messenger 2.0.3
Published Jun 13, 2008
Tracked Since Feb 18, 2026