1. CVE-Search
  2. CVE-2006-6425
ID CVE-2006-6425
Summary Stack-based buffer overflow in the IMAP daemon (IMAPD) in Novell NetMail before 3.52e FTF2 allows remote authenticated users to execute arbitrary code via unspecified vectors involving the APPEND command. Successful exploitation requires a valid user account. This vulnerability is addressed in the following product update: Novell, NetMail, 3.52e FTF2
References
Vulnerable Configurations
  • cpe:2.3:a:novell:netmail:3.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:novell:netmail:3.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:novell:netmail:3.0.3a:a:*:*:*:*:*:*
    cpe:2.3:a:novell:netmail:3.0.3a:a:*:*:*:*:*:*
  • cpe:2.3:a:novell:netmail:3.0.3a:b:*:*:*:*:*:*
    cpe:2.3:a:novell:netmail:3.0.3a:b:*:*:*:*:*:*
  • cpe:2.3:a:novell:netmail:3.1:*:*:*:*:*:*:*
    cpe:2.3:a:novell:netmail:3.1:*:*:*:*:*:*:*
  • cpe:2.3:a:novell:netmail:3.1:f:*:*:*:*:*:*
    cpe:2.3:a:novell:netmail:3.1:f:*:*:*:*:*:*
  • cpe:2.3:a:novell:netmail:3.5:*:*:*:*:*:*:*
    cpe:2.3:a:novell:netmail:3.5:*:*:*:*:*:*:*
  • cpe:2.3:a:novell:netmail:*:e-ftfl:*:*:*:*:*:*
    cpe:2.3:a:novell:netmail:*:e-ftfl:*:*:*:*:*:*
  • cpe:2.3:a:novell:netmail:3.10:*:*:*:*:*:*:*
    cpe:2.3:a:novell:netmail:3.10:*:*:*:*:*:*:*
  • cpe:2.3:a:novell:netmail:3.10:a:*:*:*:*:*:*
    cpe:2.3:a:novell:netmail:3.10:a:*:*:*:*:*:*
  • cpe:2.3:a:novell:netmail:3.10:b:*:*:*:*:*:*
    cpe:2.3:a:novell:netmail:3.10:b:*:*:*:*:*:*
  • cpe:2.3:a:novell:netmail:3.10:c:*:*:*:*:*:*
    cpe:2.3:a:novell:netmail:3.10:c:*:*:*:*:*:*
  • cpe:2.3:a:novell:netmail:3.10:d:*:*:*:*:*:*
    cpe:2.3:a:novell:netmail:3.10:d:*:*:*:*:*:*
  • cpe:2.3:a:novell:netmail:3.10:e:*:*:*:*:*:*
    cpe:2.3:a:novell:netmail:3.10:e:*:*:*:*:*:*
  • cpe:2.3:a:novell:netmail:3.10:f:*:*:*:*:*:*
    cpe:2.3:a:novell:netmail:3.10:f:*:*:*:*:*:*
  • cpe:2.3:a:novell:netmail:3.10:g:*:*:*:*:*:*
    cpe:2.3:a:novell:netmail:3.10:g:*:*:*:*:*:*
  • cpe:2.3:a:novell:netmail:3.10:h:*:*:*:*:*:*
    cpe:2.3:a:novell:netmail:3.10:h:*:*:*:*:*:*
CVSS
Base: 9.0 (as of 17-10-2018 - 21:48)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW SINGLE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:N/AC:L/Au:S/C:C/I:C/A:C
refmap via4
bid 21723
bugtraq 20061223 ZDI-06-054: Novell NetMail IMAP APPEND Buffer Overflow Vulnerability
cert-vn VU#258753
confirm https://secure-support.novell.com/KanisaPlatform/Publishing/134/3096026_f.SAL_Public.html
misc http://www.zerodayinitiative.com/advisories/ZDI-06-054.html
sectrack 1017437
secunia 23437
sreason 2080
vupen ADV-2006-5134
saint via4
bid 21723
description NetMail IMAP APPEND command buffer overflow
id mail_imap_netmailneg
osvdb 31362
title netmail_imap_append
type remote
Last major update 17-10-2018 - 21:48
Published 27-12-2006 - 01:28
Last modified 17-10-2018 - 21:48
Back to Top