Lucene search
AnonymousZDI-06-053HistoryDec 22, 2006 - 12:00 a.m.
Novell NetMail IMAP Verb Literal Heap Overflow Vulnerability
2006-12-2200:00:00
Anonymous
www.zerodayinitiative.com
20
EPSS
0.892
Percentile
98.8%
This vulnerability allows remote attackers to execute arbitrary code on affected versions of Novell NetMail. Authentication is not required to exploit this vulnerability. The specific flaw exists in the NetMail IMAP service, imapd.exe. The service does not sufficiently validate user-input length values when literals are appended to IMAP verbs to specify a command continuation request. The memory allocated to store the additional data may be insufficient, leading to an exploitable heap-based buffer overflow.
Related
checkpoint_advisories
checkpoint_advisories
Novell NetMail NMAP STOR Command Buffer Overflow (CVE-2006-6424)
2007-01-30 00:00:00
Novell NetMail IMAP Verb Literal Heap Overflow (CVE-2006-6424)
2007-04-01 00:00:00
nvd
nvd
CVE-2006-6424
2006-12-27 01:28:00
cert
cert
saint
saint
Novell NetMail NMAP STOR command buffer overflow
2007-01-05 00:00:00
Novell NetMail NMAP STOR command buffer overflow
2007-01-05 00:00:00
Novell NetMail NMAP STOR command buffer overflow
2007-01-05 00:00:00
metasploit
metasploit
Novell NetMail NMAP STOR Buffer Overflow
2007-03-01 12:44:47
zdi
zdi
Novell NetMail NMAP STOR Buffer Overflow Vulnerability
2006-12-22 00:00:00
packetstorm
packetstorm
Novell NetMail <= 3.52d NMAP STOR Buffer Overflow
2009-11-26 00:00:00
cvelist
cvelist
CVE-2006-6424
2006-12-27 01:00:00
cve
cve
CVE-2006-6424
2006-12-27 01:28:00
securityvulns
securityvulns
exploitdb
exploitdb
Novell NetMail 3.52d - NMAP STOR Buffer Overflow (Metasploit)
2010-05-09 00:00:00