<<< Date Index >>>     <<< Thread Index >>>

Re: [ISR] - Novell GroupWise Client Integer Overflow



On Tue, Sep 27, 2005 at 10:57:57AM -0300, Francisco Amato wrote:
[snip]

> .:: DESCRIPTION 
> 
> This issue is due to a failure of the application to securely parse the
> saved port number of the last authentication store in windows register. 
> 
> To reproduce this, we have to modify the default register key of
> HKEY_CURRENT_USER\Software\Novell\GroupWise\Login Parameters\TCP/IP Port 

This is obviously a bug, but why is this a security vulnerability?
Does the GroupWise client run with elevated privileges?
-- 
Crist J. Clark                     |     cjclark@xxxxxxxxxxxx