Novell NetMail IMAP imapd.exe APPEND Command Buffer Overflow
Severity: : Critical
CVE Kennungen: : CVE-2006-6425
Advisory Date: 15 lutego 2011
DESCRIPTION
Stack-based buffer overflow in the IMAP daemon (IMAPD) in Novell
NetMail before 3.52e FTF2 allows remote authenticated users to execute arbitrary
code via unspecified vectors involving the APPEND command.
INFORMATION EXPOSURE
Successful exploitation requires a valid user account. This
vulnerability is addressed in the following product update: Novell, NetMail,
3.52e FTF2
SOLUTION
Trend Micro Deep Security DPI Rule Number: 1000900
Trend Micro Deep Security DPI Rule Name: 1000900 - Novell NetMail IMAP imapd.exe APPEND Command Buffer Overflow
AFFECTED SOFTWARE AND VERSION:
- Novell Netmail 3.0.1
- Novell Netmail 3.0.3
- Novell Netmail 3.0.3a
- Novell Netmail 3.0.3b
- Novell Netmail 3.1
- Novell Netmail 3.10
- Novell Netmail 3.10a
- Novell Netmail 3.10b
- Novell Netmail 3.10c
- Novell Netmail 3.10d
- Novell Netmail 3.10e
- Novell Netmail 3.10f
- Novell Netmail 3.10g
- Novell Netmail 3.10h
- Novell Netmail 3.1f
- Novell Netmail 3.5
- Novell Netmail 3.5.2