I’m writing this to provide some general information related to GroupWise, Security, and the MD5 hash algorithm. You may not fully understand what MD5 is or how it works, and that’s okay. But you do need to be aware that your GroupWise system could be at risk if you are using MD5 anywhere in your system.
GroupWise Vulnerability with MD5 Hash
Your GroupWise email system utilizes SSL Certificates in many different places. These certificates secure the communication by encrypting the data. Because the main tool provided by Novell to create SSL Certificates uses the MD5 hash algorithm, it’s very likely that your GroupWise system is secured with MD5 based certificates. If this is the case, your system is at risk since the MD5 Hash has recently been cracked.
Where GroupWise may be Vulnerable
There are three main points where GroupWise may be using MD5 based certificates:
- Agent Configurations (Most likely using MD5)
- GroupWise WebAccess (Might be using MD5)
- Secure Authentication (Less likely to be using MD5)
The most probable is with the Agent configurations, which controls encryption between the GroupWise Client and the Post Office and other “back end” communications. This could also include IMAP, POP, SMTP, and SOAP, which are all common mail protocols used in various scenarios.
Determine if your Systems are Vulnerable
It’s important to determine if any of your GroupWise components utilize the MD5 hash algorithms. If you find any that are using MD5, they should be replaced. The following items should be checked:
- All GroupWise Agents
- Web Server running GroupWise WebAccess
- Authentication Sources using Secure LDAP
Replacement of MD5 Certificates with SHA1 or better Certificates
We recommend that all systems running GroupWise should be audited. If any components are found that use MD5 certificates, they should be replaced immediately. Since our company specialize in GroupWise, we can help determine if your systems are at risk, and provide prompt remediation of any issues found.