Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2006-6424
HistoryDec 27, 2006 - 1:28 a.m.

CVE-2006-6424

2006-12-2701:28:00
[email protected]
web.nvd.nist.gov
6

CVSS2

9

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

AI Score

7.7

Confidence

Low

EPSS

0.892

Percentile

98.8%

JSON

Multiple buffer overflows in Novell NetMail before 3.52e FTF2 allow remote attackers to execute arbitrary code (1) by appending literals to certain IMAP verbs when specifying command continuation requests to IMAPD, resulting in a heap overflow; and (2) via crafted arguments to the STOR command to the Network Messaging Application Protocol (NMAP) daemon, resulting in a stack overflow.

Affected configurations

Nvd
Node
novellnetmailRange3.5.2e-ftfl
OR
novellnetmailMatch3.0.1
OR
novellnetmailMatch3.0.3aa
OR
novellnetmailMatch3.0.3ab
OR
novellnetmailMatch3.1
OR
novellnetmailMatch3.1f
OR
novellnetmailMatch3.5
OR
novellnetmailMatch3.10
OR
novellnetmailMatch3.10a
OR
novellnetmailMatch3.10b
OR
novellnetmailMatch3.10c
OR
novellnetmailMatch3.10d
OR
novellnetmailMatch3.10e
OR
novellnetmailMatch3.10f
OR
novellnetmailMatch3.10g
OR
novellnetmailMatch3.10h
VendorProductVersionCPE
novellnetmail*cpe:2.3:a:novell:netmail:*:e-ftfl:*:*:*:*:*:*
novellnetmail3.0.1cpe:2.3:a:novell:netmail:3.0.1:*:*:*:*:*:*:*
novellnetmail3.0.3acpe:2.3:a:novell:netmail:3.0.3a:a:*:*:*:*:*:*
novellnetmail3.0.3acpe:2.3:a:novell:netmail:3.0.3a:b:*:*:*:*:*:*
novellnetmail3.1cpe:2.3:a:novell:netmail:3.1:*:*:*:*:*:*:*
novellnetmail3.1cpe:2.3:a:novell:netmail:3.1:f:*:*:*:*:*:*
novellnetmail3.5cpe:2.3:a:novell:netmail:3.5:*:*:*:*:*:*:*
novellnetmail3.10cpe:2.3:a:novell:netmail:3.10:*:*:*:*:*:*:*
novellnetmail3.10cpe:2.3:a:novell:netmail:3.10:a:*:*:*:*:*:*
novellnetmail3.10cpe:2.3:a:novell:netmail:3.10:b:*:*:*:*:*:*
Rows per page:
1-10 of 161

Related

checkpoint_advisories 2
cert 2
saint 4
metasploit 1
zdi 2
packetstorm 1
cvelist 1
cve 1
securityvulns 2
exploitdb 1
checkpoint_advisories
checkpoint_advisories
Novell NetMail NMAP STOR Command Buffer Overflow (CVE-2006-6424)
2007-01-30 00:00:00
Novell NetMail IMAP Verb Literal Heap Overflow (CVE-2006-6424)
2007-04-01 00:00:00
cert
cert
Novell NetMail NMAP vulnerable to buffer overflow when processing "STOR" commands
2007-01-17 00:00:00
Novell NetMail IMAP vulnerable to buffer overflow when processing command continuation requests
2007-01-18 00:00:00
saint
saint
Novell NetMail NMAP STOR command buffer overflow
2007-01-05 00:00:00
Novell NetMail NMAP STOR command buffer overflow
2007-01-05 00:00:00
Novell NetMail NMAP STOR command buffer overflow
2007-01-05 00:00:00
metasploit
metasploit
Novell NetMail NMAP STOR Buffer Overflow
2007-03-01 12:44:47
zdi
zdi
Novell NetMail NMAP STOR Buffer Overflow Vulnerability
2006-12-22 00:00:00
Novell NetMail IMAP Verb Literal Heap Overflow Vulnerability
2006-12-22 00:00:00
packetstorm
packetstorm
Novell NetMail <= 3.52d NMAP STOR Buffer Overflow
2009-11-26 00:00:00
cvelist
cvelist
CVE-2006-6424
2006-12-27 01:00:00
cve
cve
CVE-2006-6424
2006-12-27 01:28:00
securityvulns
securityvulns
[Full-disclosure] ZDI-06-053: Novell NetMail IMAP Verb Literal Heap Overflow Vulnerability
2006-12-23 00:00:00
[Full-disclosure] ZDI-06-052: Novell NetMail NMAP STOR Buffer Overflow Vulnerability
2006-12-23 00:00:00
exploitdb
exploitdb
Novell NetMail 3.52d - NMAP STOR Buffer Overflow (Metasploit)
2010-05-09 00:00:00

CVSS2

9

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

AI Score

7.7

Confidence

Low

EPSS

0.892

Percentile

98.8%

JSON
Related for NVD:CVE-2006-6424
checkpoint_advisories2cert2saint4metasploit1zdi2packetstorm1cvelist1cve1securityvulns2exploitdb1