Stack-based Buffer Overflow in Novell NetMail IMAP Daemon
CVE-2006-6425

Currently unrated

Key Information:

Vendor: Novell
Status: Netmail
Vendor: CVE Published:; 27 December 2006

Summary

A stack-based buffer overflow exists within the IMAP daemon in Novell NetMail prior to version 3.52e FTF2. This vulnerability enables remote authenticated users to potentially execute arbitrary code on the server through various unspecified vectors associated with the APPEND command. Attackers could exploit this flaw to compromise system integrity and disrupt service availability.

References

http://www.securityfocus.com/archive/1/455200/100/0/threaded

mailing-listx_refsource_BUGTRAQ

http://www.securityfocus.com/bid/21723

vdb-entryx_refsource_BID

https://secure-support.novell.com/KanisaPlatform/Publishi...

x_refsource_CONFIRM

EPSS Score

75% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Dec 27, 2006
Vulnerability Reserved
Dec 9, 2006