Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
saintSAINT CorporationSAINT:8F1B86241DF23534377AA9E12E1E0ACB
HistoryDec 29, 2006 - 12:00 a.m.

NetMail IMAP APPEND command buffer overflow

2006-12-2900:00:00
SAINT Corporation
www.saintcorporation.com
13

0.163 Low

EPSS

Percentile

95.5%

JSON

Added: 12/29/2006
CVE: CVE-2006-6425
BID: 21723
OSVDB: 31362

Background

Novell NetMail is an e-mail and calendaring server application.

Problem

A buffer overflow in the NetMail IMAP service allows remote, authenticated attackers to execute arbitrary commands by sending a long, specially crafted APPEND command.

Resolution

Apply NetMail 3.5.2e FTF2 for Linux, Netware, or Windows.

References

[http://www.novell.com/support/search.do?cmd=displayKC&amp;externalId=3096026&amp;sliceId=SAL_Public ](<http://www.novell.com/support/search.do?cmd=displayKC&externalId=3096026&sliceId=SAL_Public
>)
<http://www.zerodayinitiative.com/advisories/ZDI-06-054.html&gt;

Limitations

Exploit works on NetMail 3.5.2 and requires the login and password of a valid IMAP account.

Platforms

Windows 2000
Windows XP

Related

saint 3
checkpoint_advisories 2
packetstorm 1
zdi 1
securityvulns 1
cve 1
cert 1
saint
saint
NetMail IMAP APPEND command buffer overflow
2006-12-29 00:00:00
NetMail IMAP APPEND command buffer overflow
2006-12-29 00:00:00
NetMail IMAP APPEND command buffer overflow
2006-12-29 00:00:00
checkpoint_advisories
checkpoint_advisories
Preemptive Protection against Novell NetMail IMAP 'APPEND' Buffer Overflow Vulnerability
2007-01-11 00:00:00
Novell NetMail IMAP APPEND Command Buffer Overflow (CVE-2006-6425)
2009-10-19 00:00:00
packetstorm
packetstorm
Novell NetMail <= 3.52d IMAP APPEND Buffer Overflow
2009-11-26 00:00:00
zdi
zdi
Novell NetMail IMAP APPEND Buffer Overflow Vulnerability
2006-12-22 00:00:00
securityvulns
securityvulns
[Full-disclosure] ZDI-06-054: Novell NetMail IMAP APPEND Buffer Overflow Vulnerability
2006-12-23 00:00:00
cve
cve
CVE-2006-6425
2006-12-27 01:28:00
cert
cert
Novell NetMail IMAP server vulnerable to buffer overflow when processing "APPEND" commands
2007-01-17 00:00:00

0.163 Low

EPSS

Percentile

95.5%

JSON
Related for SAINT:8F1B86241DF23534377AA9E12E1E0ACB
saint3checkpoint_advisories2packetstorm1zdi1securityvulns1cve1cert1