CVE-2011-4189

Novell GroupWise 8.0x-8.02HP3 - Remote Code Execution via Long Email Address in Address Book File

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2011-4189. PoCs published by Francis Provencher.

AI-analyzed exploit summary This exploit leverages a buffer overflow vulnerability in Novell Groupwise Client by crafting a malformed Novell Address Book (*.NAB) file with an overly long email address. The exploit triggers remote code execution when the user opens the malicious file.

Description

The client in Novell GroupWise 8.0x through 8.02HP3 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption and application crash) via a long e-mail address in an Address Book (aka .NAB) file.

Exploits (1)

exploitdb WORKING POC

by Francis Provencher · textdoswindows

https://www.exploit-db.com/exploits/18546

View Code ZIP pw:eip

This exploit leverages a buffer overflow vulnerability in Novell Groupwise Client by crafting a malformed Novell Address Book (*.NAB) file with an overly long email address. The exploit triggers remote code execution when the user opens the malicious file.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: Novell Groupwise Client

No auth needed

Prerequisites: User interaction required to open the malicious *.NAB file

MITRE ATT&CK