ID CVE-2006-6762
Summary The IMAP daemon (IMAPD) in Novell NetMail before 3.52e FTF2 allows remote authenticated users to cause a denial of service via an APPEND command with a single "(" (parenthesis) in the argument. This vulnerability is addressed in the following product update: Novell, NetMail, 3.52e FTF2
References
Vulnerable Configurations
  • cpe:2.3:a:novell:netmail:3.5.2:a:*:*:*:*:*:*
    cpe:2.3:a:novell:netmail:3.5.2:a:*:*:*:*:*:*
  • cpe:2.3:a:novell:netmail:3.5.2:b:*:*:*:*:*:*
    cpe:2.3:a:novell:netmail:3.5.2:b:*:*:*:*:*:*
  • cpe:2.3:a:novell:netmail:3.5.2:c:*:*:*:*:*:*
    cpe:2.3:a:novell:netmail:3.5.2:c:*:*:*:*:*:*
  • cpe:2.3:a:novell:netmail:3.5.2:c1:*:*:*:*:*:*
    cpe:2.3:a:novell:netmail:3.5.2:c1:*:*:*:*:*:*
  • cpe:2.3:a:novell:netmail:3.5.2:d:*:*:*:*:*:*
    cpe:2.3:a:novell:netmail:3.5.2:d:*:*:*:*:*:*
  • cpe:2.3:a:novell:netmail:3.5.2:e-ftfl:*:*:*:*:*:*
    cpe:2.3:a:novell:netmail:3.5.2:e-ftfl:*:*:*:*:*:*
CVSS
Base: 4.0 (as of 08-03-2011 - 02:46)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW SINGLE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
cvss-vector via4 AV:N/AC:L/Au:S/C:N/I:N/A:P
refmap via4
bid 21729
cert-vn VU#944273
confirm https://secure-support.novell.com/KanisaPlatform/Publishing/328/3717068_f.SAL_Public.html
idefense 20061223 Novell Netmail IMAP append Denial of Service Vulnerability
secunia 23437
vupen ADV-2006-5134
Last major update 08-03-2011 - 02:46
Published 27-12-2006 - 02:28
Last modified 08-03-2011 - 02:46
Back to Top