CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:S/C:C/I:C/A:C
AI Score
Confidence
Low
EPSS
Percentile
98.8%
Multiple buffer overflows in Novell NetMail before 3.52e FTF2 allow remote attackers to execute arbitrary code (1) by appending literals to certain IMAP verbs when specifying command continuation requests to IMAPD, resulting in a heap overflow; and (2) via crafted arguments to the STOR command to the Network Messaging Application Protocol (NMAP) daemon, resulting in a stack overflow.
Vendor | Product | Version | CPE |
---|---|---|---|
novell | netmail | * | cpe:2.3:a:novell:netmail:*:e-ftfl:*:*:*:*:*:* |
novell | netmail | 3.0.1 | cpe:2.3:a:novell:netmail:3.0.1:*:*:*:*:*:*:* |
novell | netmail | 3.0.3a | cpe:2.3:a:novell:netmail:3.0.3a:a:*:*:*:*:*:* |
novell | netmail | 3.0.3a | cpe:2.3:a:novell:netmail:3.0.3a:b:*:*:*:*:*:* |
novell | netmail | 3.1 | cpe:2.3:a:novell:netmail:3.1:*:*:*:*:*:*:* |
novell | netmail | 3.1 | cpe:2.3:a:novell:netmail:3.1:f:*:*:*:*:*:* |
novell | netmail | 3.5 | cpe:2.3:a:novell:netmail:3.5:*:*:*:*:*:*:* |
novell | netmail | 3.10 | cpe:2.3:a:novell:netmail:3.10:*:*:*:*:*:*:* |
novell | netmail | 3.10 | cpe:2.3:a:novell:netmail:3.10:a:*:*:*:*:*:* |
novell | netmail | 3.10 | cpe:2.3:a:novell:netmail:3.10:b:*:*:*:*:*:* |
secunia.com/advisories/23437
securityreason.com/securityalert/2081
securitytracker.com/id?1017437
www.cirt.dk/advisories/cirt-48-advisory.txt
www.kb.cert.org/vuls/id/381161
www.kb.cert.org/vuls/id/912505
www.securityfocus.com/archive/1/455201/100/0/threaded
www.securityfocus.com/archive/1/455202/100/0/threaded
www.securityfocus.com/bid/21724
www.securityfocus.com/bid/21725
www.vupen.com/english/advisories/2006/5134
www.zerodayinitiative.com/advisories/ZDI-06-052.html
www.zerodayinitiative.com/advisories/ZDI-06-053.html
secure-support.novell.com/KanisaPlatform/Publishing/134/3096026_f.SAL_Public.html