Lucene search

MitreCVE-2006-6424

HistoryDec 27, 2006 - 1:28 a.m.

CVE-2006-6424

2006-12-2701:28:00

mitre

web.nvd.nist.gov

cve-2006-6424

novell netmail

buffer overflow

remote code execution

imap

nmap

security vulnerability

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

AI Score

7.6

Confidence

Low

EPSS

0.892

Percentile

98.8%

JSON

Multiple buffer overflows in Novell NetMail before 3.52e FTF2 allow remote attackers to execute arbitrary code (1) by appending literals to certain IMAP verbs when specifying command continuation requests to IMAPD, resulting in a heap overflow; and (2) via crafted arguments to the STOR command to the Network Messaging Application Protocol (NMAP) daemon, resulting in a stack overflow.

Affected configurations

Nvd

Node

novellnetmailRange≤3.5.2e-ftfl

novellnetmailMatch3.0.1

novellnetmailMatch3.0.3aa

novellnetmailMatch3.0.3ab

novellnetmailMatch3.1

novellnetmailMatch3.1f

novellnetmailMatch3.5

novellnetmailMatch3.10

novellnetmailMatch3.10a

novellnetmailMatch3.10b

novellnetmailMatch3.10c

novellnetmailMatch3.10d

novellnetmailMatch3.10e

novellnetmailMatch3.10f

novellnetmailMatch3.10g

novellnetmailMatch3.10h

VendorProductVersionCPE
novellnetmail*cpe:2.3:a:novell:netmail:*:e-ftfl:*:*:*:*:*:*
novellnetmail3.0.1cpe:2.3:a:novell:netmail:3.0.1:*:*:*:*:*:*:*
novellnetmail3.0.3acpe:2.3:a:novell:netmail:3.0.3a:a:*:*:*:*:*:*
novellnetmail3.0.3acpe:2.3:a:novell:netmail:3.0.3a:b:*:*:*:*:*:*
novellnetmail3.1cpe:2.3:a:novell:netmail:3.1:*:*:*:*:*:*:*
novellnetmail3.1cpe:2.3:a:novell:netmail:3.1:f:*:*:*:*:*:*
novellnetmail3.5cpe:2.3:a:novell:netmail:3.5:*:*:*:*:*:*:*
novellnetmail3.10cpe:2.3:a:novell:netmail:3.10:*:*:*:*:*:*:*
novellnetmail3.10cpe:2.3:a:novell:netmail:3.10:a:*:*:*:*:*:*
novellnetmail3.10cpe:2.3:a:novell:netmail:3.10:b:*:*:*:*:*:*

Vendor	Product	Version	CPE
novell	netmail	*	cpe:2.3:a:novell:netmail::e-ftfl::::::*
novell	netmail	3.0.1	cpe:2.3:a:novell:netmail:3.0.1:::::::*
novell	netmail	3.0.3a	cpe:2.3:a:novell:netmail:3.0.3a:a::::::
novell	netmail	3.0.3a	cpe:2.3:a:novell:netmail:3.0.3a:b::::::
novell	netmail	3.1	cpe:2.3:a:novell:netmail:3.1:::::::*
novell	netmail	3.1	cpe:2.3:a:novell:netmail:3.1:f::::::
novell	netmail	3.5	cpe:2.3:a:novell:netmail:3.5:::::::*
novell	netmail	3.10	cpe:2.3:a:novell:netmail:3.10:::::::*
novell	netmail	3.10	cpe:2.3:a:novell:netmail:3.10:a::::::
novell	netmail	3.10	cpe:2.3:a:novell:netmail:3.10:b::::::