Novell


GroupWise Mobile Server 1.0 HP1

This document (5005120) is provided subject to the disclaimer at the end of this document.

patches this patch supersedes

This patch does not supersede any other patches.

patches that supersede this patch

This patch is not superseded by any other patches.

patch attributes

Security patch: Yes
Priority: Mandatory
Distribution Type: Public

document

Revision: 10
Document ID: 5005120
Creation Date: 2007-07-20 12:24:30
Modified Date: 2008-05-13 18:24:29

abstract

This patch is for a security issue found in GMS 1.0. It can update either GMS 1.0 or GMS 1.0 DST code. Please see the installation instructions for information on applying the patch.

details

Details have been taken from the following URL, which addresses issues with the GMS 1.0 release:

http://www.sec-consult.com/289.html

* Some ASP scripts under /usrmgr/ list all configured users including the mail server address with userid (but no password).

* Furthermore it is possible to deactivate all users and deny access to the system.

* Some ASP scripts are vulnerable to cross site scripting attacks.

An attacker does not need to be authenticated to perform those attacks!

To apply the patch, do the following:

1) Download the file gms10hp1.exe and place it in an empty directory.
2) Execute the file and when prompted, extract the file into the same empty directory.
3) Copy the files under the www directory in the extracted files to \www, overwriting the previous version of the files that are there.

It is not necessary to stop and restart the server; the changes take effect immediately.

Additional steps to take:

Remove the files /usrmgr/userList.asp and /usrmgr/userStatusList.asp, as well as the rest of the contents of the \www\usrmgr directory.
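
The following check is an added example, not part of Novell's patch or this document. It compares each file under the extracted www directory with the deployed copy by SHA-256 and lists anything still present under usrmgr; the function names, the directory layout and the file contents in build_sample are constructed for illustration.

```python
import hashlib
import tempfile
from pathlib import Path

def sha256(path):
    return hashlib.sha256(path.read_bytes()).hexdigest()

def verify_patch(extracted_www, deployed_www):
    """Return (not_updated, leftover) as sorted lists of relative paths."""
    extracted_www, deployed_www = Path(extracted_www), Path(deployed_www)
    not_updated = []
    for src in sorted(p for p in extracted_www.rglob("*") if p.is_file()):
        rel = src.relative_to(extracted_www)
        if rel.parts[0].lower() == "usrmgr":
            continue  # usrmgr content is removed afterwards, so it is not expected
        dst = deployed_www / rel
        if not dst.is_file() or sha256(src) != sha256(dst):
            not_updated.append(rel.as_posix())
    leftover = []
    # Match the directory name case-insensitively, as the Windows file system does.
    for d in deployed_www.iterdir():
        if d.is_dir() and d.name.lower() == "usrmgr":
            leftover += [p.relative_to(deployed_www).as_posix()
                         for p in d.rglob("*") if p.is_file()]
    return not_updated, sorted(leftover)

def build_sample(root, patched):
    """Constructed sample: an extracted patch tree and a deployed web root."""
    root = Path(root)
    files = {  # relative path -> (patch content, old content); contents are made up
        "create_account.asp": (b"patched-1", b"old-1"),
        "pda/dev_logon.asp": (b"patched-2", b"old-2"),
    }
    for rel, (new, old) in files.items():
        for base, data in (("extracted/www", new),
                           ("deployed/www", new if patched else old)):
            path = root / base / rel
            path.parent.mkdir(parents=True, exist_ok=True)
            path.write_bytes(data)
    usrmgr = root / "deployed/www/usrmgr"
    usrmgr.mkdir(parents=True, exist_ok=True)
    if not patched:
        for name in ("userList.asp", "userStatusList.asp"):
            (usrmgr / name).write_bytes(b"old")
    return root / "extracted/www", root / "deployed/www"

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        print(verify_patch(*build_sample(tmp, patched=False)))
```

Both lists are empty when the copy in step 3 and the usrmgr cleanup have been completed; against a real server, pass the extracted www directory and the server's www directory in place of the sample paths.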

security fixes

Reported as CVE-2007-2592, this vulnerability was discovered by Johannes Greil, SEC Consult (www.sec-consult.com).

change log

Nokia defect # 66580 - GMS 1.x has a cross site scripting vulnerability, reported in the press
- fixed in \create_account.asp, \pda\dev_logon.asp

file contents

Files Included         Size                 Date
gms10hp1.exe           102.6 KB (105077)    2007-07-02 09:30:34
readme_5005120.html    N/A                  2008-05-13 18:24:30

disclaimer

The Origin of this information may be internal or external to Novell. Novell makes all reasonable efforts to verify this information. However, the information provided in this document is for your information only. Novell makes no explicit or implied claims to the validity of this information. Any trademarks referenced in this document are the property of their respective owners. Consult your product manuals for complete trademark information.

Novell is a registered trademark of Novell, Inc. in the United States and other countries. SUSE is a registered trademark of SUSE Linux AG, a Novell business. *All third-party trademarks are the property of their respective owners.

© 2007 Novell, Inc. All Rights Reserved.