Lucene search
+L

164 matches found

seebug
seebug
added 2006/12/28 12:0 a.m.18 views

Novell Netmail IMAP SUBSCRIBE缓冲区溢出漏洞

Novell Netmail是一款电子邮件和日历系统。 Novell Netmail包含的IMAP实现处理subscribe命令存在设计缺陷,远程攻击者可以利用漏洞进行缓冲区溢出攻击,可能以进程权限执行任意指令。 当超长字符串作为subscribe的参数提交给服务器,可导致应用程序由于缺少正确边界检查而造成缓冲区溢出,精心构建提交数据,可能以进程权限执行任意指令。 Novell NetMail 3.52 D Novell NetMail 3.52 C1 Novell NetMail 3.52 C Novell NetMail 3.52 B Novell NetMail 3.52 A...

7.1AI score
Exploits0
nvd
nvd
added 2006/12/27 2:28 a.m.23 views

CVE-2006-6762

The IMAP daemon IMAPD in Novell NetMail before 3.52e FTF2 allows remote authenticated users to cause a denial of service via an APPEND command with a single "" parenthesis in the argument...

4CVSS6.3AI score0.01675EPSS
Exploits0References6
nvd
nvd
added 2006/12/27 2:28 a.m.34 views

CVE-2006-6761

Stack-based buffer overflow in the IMAP daemon IMAPD in Novell NetMail before 3.52e FTF2 allows remote authenticated users to execute arbitrary code via a long argument to the SUBSCRIBE command...

6.5CVSS7.7AI score0.5367EPSS
Exploits4References7
cvelist
cvelist
added 2006/12/27 2:0 a.m.41 views

CVE-2006-6761

Stack-based buffer overflow in the IMAP daemon IMAPD in Novell NetMail before 3.52e FTF2 allows remote authenticated users to execute arbitrary code via a long argument to the SUBSCRIBE command...

7.7AI score0.5367EPSS
Exploits4References7
cve
cve
added 2006/12/27 2:0 a.m.60 views

CVE-2006-6762

The CVE-2006-6762 entry affects Novell NetMail’s IMAP server (IMAPD) prior to 3.52e FTF2. A buffer overflow may occur when processing parameters to the APPEND command, enabling a remote authenticated attacker to cause a denial-of-service. Remediation: apply the vendor update per Novell document 3...

4CVSS6.4AI score0.01675EPSS
Exploits0References6Affected Software1
cvelist
cvelist
added 2006/12/27 2:0 a.m.29 views

CVE-2006-6762

The IMAP daemon IMAPD in Novell NetMail before 3.52e FTF2 allows remote authenticated users to cause a denial of service via an APPEND command with a single "" parenthesis in the argument...

6.3AI score0.01675EPSS
Exploits0References6
cve
cve
added 2006/12/27 2:0 a.m.53 views

CVE-2006-6761

CVE-2006-6761 describes a stack-based buffer overflow in the IMAPD of Novell NetMail prior to 3.52e FTF2 . An attacker with authenticated remote access can trigger the overflow by sending a long argument to the IMAP SUBSCRIBE command, potentially allowing arbitrary code execution on affected syst...

6.5CVSS7.7AI score0.5367EPSS
Exploits4References7Affected Software1
nvd
nvd
added 2006/12/27 1:28 a.m.29 views

CVE-2006-6424

Multiple buffer overflows in Novell NetMail before 3.52e FTF2 allow remote attackers to execute arbitrary code 1 by appending literals to certain IMAP verbs when specifying command continuation requests to IMAPD, resulting in a heap overflow; and 2 via crafted arguments to the STOR command to the...

9CVSS7.7AI score0.57909EPSS
Exploits7References14
nvd
nvd
added 2006/12/27 1:28 a.m.29 views

CVE-2006-6425

Stack-based buffer overflow in the IMAP daemon IMAPD in Novell NetMail before 3.52e FTF2 allows remote authenticated users to execute arbitrary code via unspecified vectors involving the APPEND command...

9CVSS7.5AI score0.58474EPSS
Exploits7References9
cvelist
cvelist
added 2006/12/27 1:0 a.m.26 views

CVE-2006-6424

Multiple buffer overflows in Novell NetMail before 3.52e FTF2 allow remote attackers to execute arbitrary code 1 by appending literals to certain IMAP verbs when specifying command continuation requests to IMAPD, resulting in a heap overflow; and 2 via crafted arguments to the STOR command to the...

7.7AI score0.57909EPSS
Exploits7References14
cvelist
cvelist
added 2006/12/27 1:0 a.m.35 views

CVE-2006-6425

Stack-based buffer overflow in the IMAP daemon IMAPD in Novell NetMail before 3.52e FTF2 allows remote authenticated users to execute arbitrary code via unspecified vectors involving the APPEND command...

7.5AI score0.58474EPSS
Exploits7References9
cve
cve
added 2006/12/27 1:0 a.m.52 views

CVE-2006-6424

The CVE-2006-6424 vulnerability affects Novell NetMail (NMAP STOR and IMAP handling). Affected: NetMail servers prior to 3.52e FTF2; NMAP STOR buffer overflow can yield remote code execution, and IMAP command continuation handling can cause a heap overflow. Confirmed exploitation is possible via ...

9CVSS7.6AI score0.57909EPSS
Exploits7References14Affected Software1
cve
cve
added 2006/12/27 1:0 a.m.60 views

CVE-2006-6425

CVE-2006-6425 describes a stack-based buffer overflow in the Novell NetMail IMAP daemon (IMAPD) when processing the APPEND command, affecting NetMail versions prior to 3.52e FTF2. An authenticated remote attacker who can access IMAP services could trigger arbitrary code execution in the IMAP serv...

9CVSS7.5AI score0.58474EPSS
Exploits7References9Affected Software1
seebug
seebug
added 2006/12/26 12:0 a.m.56 views

Novell Netmail NMAP服务STOR命令远程溢出漏洞

Novell NetMail是基于Internet标准消息和安全协议的邮件和日历系统。 NetMail中绑定到TCP 689端口的NMAP服务(nmapd.exe)在处理STOR命令时存在缓冲区溢出漏洞,如果攻击者能够向该命令发送特定参数的话,就可以触发这个溢出,导致执行任意指令。 Novell NetMail 3.52 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: https://secure-support.novell.com/KanisaPlatform/Publishing/134/3096026f.SALPublic.html...

7.1AI score
Exploits0
seebug
seebug
added 2006/12/26 12:0 a.m.13 views

Novell Netmail IMAP服务APPEND命令远程栈溢出漏洞

Novell NetMail是基于Internet标准消息和安全协议的邮件和日历系统。 NetMail IMAP服务程序在处理APPEND命令时存在栈溢出漏洞,如果攻击者能够向该命令发送特定参数的话,就可以触发这个溢出,导致执行任意指令。 Novell NetMail 3.52 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: https://secure-support.novell.com/KanisaPlatform/Publishing/134/3096026f.SALPublic.html...

7.1AI score
Exploits0
seebug
seebug
added 2006/12/26 12:0 a.m.26 views

Novell Netmail IMAP服务命令参数串接远程堆溢出漏洞

Novell NetMail是基于Internet标准消息和安全协议的邮件和日历系统。 NetMail的IMAP服务在处理命令参数的串接时存在漏洞,远程攻击者可能利用此漏洞在服务器上执行任意指令。 NetMail的IMAP服务(imapd.exe)在将文字内容附加到IMAP命令以生成请求时没有充分的验证用户输入的长度值。所分配的用于存储额外数据的内存可能不充分,导致堆溢出。 Novell NetMail 3.52 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2006/12/25 12:0 a.m.39 views

[Full-disclosure] iDefense Security Advisory 12.23.06: Novell Netmail IMAP append Denial of Service Vulnerability

Novell Netmail IMAP append Denial of Service Vulnerability iDefense Security Advisory 12.23.06 http://labs.idefense.com/intelligence/vulnerabilities/ Dec 23, 2006 I. BACKGROUND Novell NetMail is an e-mail and calendar system that is based on standard Internet protocols. More information can be...

6.8AI score
Exploits0
securityvulns
securityvulns
added 2006/12/25 12:0 a.m.30 views

[Full-disclosure] iDefense Security Advisory 12.23.06: Novell NetMail IMAPD subscribe Buffer Overflow Vulnerability

Novell NetMail IMAPD subscribe Buffer Overflow Vulnerability iDefense Security Advisory 12.23.06 http://labs.idefense.com/intelligence/vulnerabilities/ Dec 23, 2006 I. BACKGROUND Novell NetMail is an e-mail and calendar system that is based on standard Internet protocols. More information can be...

1.1AI score
Exploits0
securityvulns
securityvulns
added 2006/12/25 12:0 a.m.51 views

Novell NetMail IMAP server multiple buffer overflows

Buffer overflows on STOP, APPEND commands and on IMAP literals parsing...

4.2AI score
Exploits0References5Affected Software1
securityvulns
securityvulns
added 2006/12/23 12:0 a.m.42 views

[Full-disclosure] ZDI-06-054: Novell NetMail IMAP APPEND Buffer Overflow Vulnerability

ZDI-06-054: Novell NetMail IMAP APPEND Buffer Overflow Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-06-054.html December 22, 2006 -- CVE ID: CVE-2006-6425 -- Affected Vendor: Novell -- Affected Products: Novell NetMail 3.5.2 -- TippingPointTM IPS Customer Protection: TippingPoint...

9CVSS0.5AI score0.58474EPSS
Exploits7
Rows per page
Query Builder