Buffer Overflow Vulnerability in Novell NetMail
CVE-2006-6424

Currently unrated

Key Information:

Vendor: Novell
Status: Netmail
Vendor: CVE Published:; 27 December 2006

What is CVE-2006-6424?

Multiple buffer overflow vulnerabilities exist in Novell NetMail before version 3.52e FTF2, allowing remote attackers to execute arbitrary code. Specifically, attackers can exploit a heap overflow by appending literals to certain IMAP verbs during command continuation requests to the IMAPD. Additionally, a crafted STOR command to the Network Messaging Application Protocol (NMAP) daemon can lead to a stack overflow, enabling further exploitation.

References

http://www.kb.cert.org/vuls/id/381161

third-party-advisoryx_refsource_CERT-VN

https://secure-support.novell.com/KanisaPlatform/Publishi...

x_refsource_CONFIRM

http://securityreason.com/securityalert/2081

third-party-advisoryx_refsource_SREASON

EPSS Score

59% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 27, 2006
Vulnerability Reserved
Dec 9, 2006