Novell NetMail servers include the Network Messaging Application Protocol (NMAP) service, which listens on port 689/TCP.
A buffer overflow in Novell NetMail allows remote attackers to execute arbitrary commands by sending a specially crafted
**STOR** command to the NMAP service.
Apply the patch available from Novell.
Exploit works on Novell NetMail 3.52e FTF1.
For the exploit to succeed, the address of the host running SAINTexploit must be present in the target server's trusted hosts list. (The trusted hosts list is available from the web interface running on port 89/TCP on the target server. Choose Internet Services -> Messaging Server -> NMAP Agent -> Trusted Hosts.)