The host is installed with Novell messenger 2.1 or 2.2.x before 2.2, Groupwise Messenger 2.0.4 or earlier and is prone to memory disclosure vulnerability. A flaw is present in the application, which fails to handle a crafted command that would force the Messenger server process to return the contents of arbitrary memory locations, Successful exploitation allows remote attackers to read from arbitrary memory locations.