Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2005-2804Groupwise vulnerability

4 documents4 sources
Severity
5.0MEDIUMNVD
EPSS
5.3%
top 9.96%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Novell Groupwise
Timeline
PublishedOct 4
Latest updateMay 1

Description

Integer overflow in the registry parsing code in GroupWise 6.5.3, and possibly earlier version, allows remote attackers to cause a denial of service (application crash) via a large TCP/IP port in the Windows registry key.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

NVDnovell/groupwise6.5.3

Patches

Patch: lists.grok.org.ukPatch: support.novell.comPatch: www.securityfocus.com

🔴Vulnerability Details

2
GHSA
GHSA-jx7q-3q7f-f699: Integer overflow in the registry parsing code in GroupWise 62022-05-01
CVEList
CVE-2005-2804: Integer overflow in the registry parsing code in GroupWise 62005-10-04

💥Exploits & PoCs

1
Exploit-DB
Novell Groupwise Client 6.5.3 - Local Integer Overflow2005-09-27
CVE-2005-2804 — Novell Groupwise vulnerability | cvebase