CVE-2006-6424

Currently unrated

Key Information:

Vendor: Novell
Status: Netmail
Vendor: CVE Published:; 27 December 2006

Summary

Multiple buffer overflows in Novell NetMail before 3.52e FTF2 allow remote attackers to execute arbitrary code (1) by appending literals to certain IMAP verbs when specifying command continuation requests to IMAPD, resulting in a heap overflow; and (2) via crafted arguments to the STOR command to the Network Messaging Application Protocol (NMAP) daemon, resulting in a stack overflow.

References

http://www.kb.cert.org/vuls/id/381161

third-party-advisoryx_refsource_CERT-VN

https://secure-support.novell.com/KanisaPlatform/Publishi...

x_refsource_CONFIRM

http://securityreason.com/securityalert/2081

third-party-advisoryx_refsource_SREASON

EPSS Score

82% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Dec 27, 2006
Vulnerability Reserved
Dec 9, 2006

Collectors

NVD DatabaseMitre Database