Novell in trouble over GroupWise flaw

Three months after being informed of a serious security vulnerability in its GroupWise collaboration suite, Novell is still struggling to release an effective fix for the problem, according to a security manager.

The problem allows an attacker to obtain login details remotely, according to Jeff Truedson, network security manager for lighting manufacturer Hubbell. "A GroupWise user could have someone accessing their e-mail, they would never even know it," he wrote in an e-mail publicly disclosing the vulnerability.

Truedson said he published details about the flaw after giving Novell almost three months to fix the issue. The problem affects versions 5.5, 6.5.2 and 6.0 of GroupWise on the Microsoft Windows platform.

According to Truedson, the vendor released a test version of a patch early in June with the aim of fixing the problem. ZDNet Australia understands Novell subsequently acknowledged the patch was not effective. Truedson said he had not heard from the vendor for one month after that date.

A Novell spokesperson was not available to comment on the issue. The company's GroupWise worldwide support division is understood to be responsible for providing a fix.


Talkback 5 comments

    Anonymous -- 22/06/05

    Switch to pine for secure email

    Anonymous -- 22/06/05

    Novell should stick to what they know best.. Making a loss.. and making the wrong technology decisions. Too many paths no real direction.

    Anonymous -- 23/06/05

    Same problem as always, try to be everything to everybody, maybe a Microsoft clone but really good at nothing much anymore. More and more NetWare customers have lost the faith and are switching to anything but Novell branded

    Anonymous -- 23/06/05

    Wow. Judging from the responses so far Microsoft is in serious trouble given that the inability to fix a single security issue within reasonable time is reason enough to drop the entire product or even anything a vendor has to offer.

    Anonymous -- 24/06/05

    This is not exclusively a Novell or GroupWise problem. This is a common vulnerability for any application that caches passwords in plaintext. Other mail applications affected are Outlook and Thunderbird. GWAVA Security Research has performed further research and released the following security advisory (below). Note that I disagree with some of the recommendations made in this advisory (screensavers and exiting the application may not be effective countermeasures).

    *Clear Text Password Vulnerability in Common Mail Clients on Windows*

    /Issue Date: June 21, 2005
    Author: Joe Bertnick/

    /_*Threat Level: Low*_/

    *Overview:*

    Passwords stored in memory as clear text for multiple mail systems
    operating on Windows desktops.

    *Affected Systems:*

    /Outlook 2003/

    /GroupWise 6.5.4 (Windows Client Only)/

    /Thunderbird 1.02 (Windows Client Only)/

    /Note: Other messaging clients operating under the Windows XP
    platform might also exhibit this vulnerability as it is very common.
    Please refer to the Recommendations for best practices for reducing
    your risk for exposure./

    *Impact:*

    Unrestricted access to the mailbox of a single user and possible
    password usage on other systems where passwords are shared in common
    by applications or end-users.

    *Details:*

    This is a common vulnerability in many client applications operating
    on the Windows operating system. GWAVA Security Research elected to
    further research the vulnerability along multiple mail platforms and
    provide a work around for customers. We are continuing to test this
    under GroupWise and other mail platforms to find other workarounds.

    There are a number of applications that cache authentication
    information in memory as plain text. GroupWise, Outlook and
    Thunderbird mail clients all operate in this manner. With a client
    loaded into memory and authenticated to the mail system, someone
    could execute a memory dump of the application and recover the
    password. The password will always be located at the same offset.

    This issue was first reported via insecurity.org by the security team
    at truedson.com as a vulnerability in GroupWise. A link follows with
    the original posting.

    Users of Windows Desktop should follow the recommendations listed
    below.

    *Recommendations:*

    Implement screen saver password protection and log out of mail
    clients when leaving your workstation unattended. Install the patch
    when it is made available by the vendor. Migrating to Linux based
    Desktops such as Novell Linux Desktop would also prevent this issue.

    *References:*

    Original Posting:
    http://seclists.org/lists/fulldisclosure/2005/Jun/0262.html
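
The plaintext caching described in the advisory above, shown from the application side as an added example (not part of the article, the comments or the advisory): a login routine that leaves the password in its session buffer, next to one that wipes it once authentication completes. The `session` structure, function names and the sample password are all constructed assumptions.

```c
#include <stddef.h>
#include <string.h>

#define PW_MAX 64

/* Hypothetical client session; all names here are illustrative assumptions. */
struct session {
    char password[PW_MAX];  /* plaintext credential buffer */
    int  authenticated;
};

/* Zero a buffer through a volatile pointer so the stores cannot be
 * removed as dead writes, which can happen to a plain memset(). */
static void secure_wipe(void *p, size_t n)
{
    volatile unsigned char *v = (volatile unsigned char *)p;
    while (n--) *v++ = 0;
}

/* Stand-in for the real server exchange; the accepted value is constructed. */
static int server_accepts(const char *pw) { return strcmp(pw, "correct horse") == 0; }

/* Weak pattern: the plaintext stays cached in the session after login. */
int login_cached(struct session *s, const char *pw)
{
    strncpy(s->password, pw, PW_MAX - 1);
    s->password[PW_MAX - 1] = '\0';
    s->authenticated = server_accepts(s->password);
    return s->authenticated;
}

/* Hardened pattern: same login, but the plaintext is wiped once the
 * exchange is done. The caller must wipe its own input buffer as well. */
int login_wiped(struct session *s, const char *pw)
{
    int ok = login_cached(s, pw);
    secure_wipe(s->password, sizeof s->password);
    return ok;
}

/* Self-check: is `needle` present anywhere in the given memory region? */
int region_contains(const void *buf, size_t len, const char *needle)
{
    const unsigned char *b = (const unsigned char *)buf;
    size_t n = strlen(needle);
    for (size_t i = 0; n && i + n <= len; i++)
        if (memcmp(b + i, needle, n) == 0) return 1;
    return 0;
}
```

On Windows, `SecureZeroMemory` serves the same purpose as `secure_wipe`, and `CryptProtectMemory` is available for credentials that must stay resident for re-authentication.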
