CVE-2010-4717

GroupWise Internet Agent <8.02HP - Buffer Overflow

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2010-4717. PoCs published by Francis Provencher.

AI-analyzed exploit summary This Python script exploits a buffer overflow vulnerability in Novell Groupwise Internet Agent's IMAP service via an overly long LIST or LSUB request, leading to remote code execution. The PoC sends a malformed buffer to trigger the overflow.

Description

Multiple stack-based buffer overflows in the IMAP server component in GroupWise Internet Agent (GWIA) in Novell GroupWise before 8.02HP allow remote attackers to execute arbitrary code via a long (1) LIST or (2) LSUB command.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Francis Provencher · textdoslinux
https://www.exploit-db.com/exploits/15464

This Python script exploits a buffer overflow vulnerability in Novell Groupwise Internet Agent's IMAP service via an overly long LIST or LSUB request, leading to remote code execution. The PoC sends a malformed buffer to trigger the overflow.

Classification
Working Poc 90%
Attack Type
Rce
Complexity
Trivial
Reliability
Reliable
Target: Novell Groupwise Internet Agent (GroupWise 8.0.2 on SLES 10 SP3)
Auth required
Prerequisites: Network access to the IMAP service (port 143) · Valid credentials for authentication
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4

Scores

EPSS 0.0993
EPSS Percentile 95.0%

Details

CWE
CWE-119
Status published
Products (23)
novell/groupwise 4.1
novell/groupwise 4.1a
novell/groupwise 5.0
novell/groupwise 5.1
novell/groupwise 5.2
novell/groupwise 5.5 (2 CPE variants)
novell/groupwise 5.57e
novell/groupwise 6.0 (3 CPE variants)
novell/groupwise 6.0.1 sp1
novell/groupwise 6.5 (7 CPE variants)
... and 13 more
Published Jan 31, 2011
Tracked Since Feb 18, 2026