Novell NetMail IMAP imapd.exe APPEND Command Buffer Overflow
Publish Date: 15 février 2011
Gravité: : Critique
Identifiant(s) CVE: : CVE-2006-6425
Date du conseil: 15 février 2011
Description
Stack-based buffer overflow in the IMAP daemon (IMAPD) in Novell
NetMail before 3.52e FTF2 allows remote authenticated users to execute arbitrary
code via unspecified vectors involving the APPEND command.
Information Exposure Rating:
Successful exploitation requires a valid user account. This
vulnerability is addressed in the following product update: Novell, NetMail,
3.52e FTF2
Solutions
Trend Micro Deep Security DPI Rule Number: 1000900
Trend Micro Deep Security DPI Rule Name: 1000900 - Novell NetMail IMAP imapd.exe APPEND Command Buffer Overflow
Affected software and version:
- Novell Netmail 3.0.1
- Novell Netmail 3.0.3
- Novell Netmail 3.0.3a
- Novell Netmail 3.0.3b
- Novell Netmail 3.1
- Novell Netmail 3.10
- Novell Netmail 3.10a
- Novell Netmail 3.10b
- Novell Netmail 3.10c
- Novell Netmail 3.10d
- Novell Netmail 3.10e
- Novell Netmail 3.10f
- Novell Netmail 3.10g
- Novell Netmail 3.10h
- Novell Netmail 3.1f
- Novell Netmail 3.5
- Novell Netmail 3.5.2