Novell Groupwise Internet Agent IMAP LIST Command: Remote Code Execution Vulnerability

Users of Novell Groupwise Internet Agent please be advised of a Remote Code Execution vulnerability that has been identified.
To view this vulnerability, possible remedies, and others please check out the Security Advisories at Critical Watch (

ZDI-10-242: [ZDI-10-242] Novell Groupwise Internet Agent IMAP LIST Command Remote Code Execution Vulnerability
— Affected Products:
Novell Groupwise
— Vulnerability Details:
This vulnerability allows remote attackers to execute arbitrary code on
vulnerable installations of Novell Groupwise Internet Agent.
Authentication is not required to exploit this vulnerability.

The flaw exists within the IMAP server component which listens by
default on TCP port 143. When handling an IMAP LIST command with a large
parameter the process attempts to free the same memory twice. A remote
attacker can exploit this vulnerability to execute arbitrary code under
the context of the IMAP server.