CVE-2006-6425

Stack-based buffer overflow in the IMAP daemon (IMAPD) in Novell NetMail before 3.52e FTF2 allows remote authenticated users to execute arbitrary code via unspecified vectors involving the APPEND command.

CVSS v2.0 9.0 HIGH

9.0^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:S/C:C/I:C/A:C

Exploitability : 8.0 / Impact : 10.0

Access Vector NETWORK

Access Complexity LOW

Authentication SINGLE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://secunia.com/advisories/23437	Patch Vendor Advisory
http://securityreason.com/securityalert/2080
http://securitytracker.com/id?1017437	Patch
http://www.kb.cert.org/vuls/id/258753	US Government Resource
http://www.securityfocus.com/archive/1/455200/100/0/threaded
http://www.securityfocus.com/bid/21723
http://www.vupen.com/english/advisories/2006/5134
http://www.zerodayinitiative.com/advisories/ZDI-06-054.html	Patch Vendor Advisory
https://secure-support.novell.com/KanisaPlatform/Publishing/134/3096026_f.SAL_Public.html	Patch
http://secunia.com/advisories/23437	Patch Vendor Advisory
http://securityreason.com/securityalert/2080
http://securitytracker.com/id?1017437	Patch
http://www.kb.cert.org/vuls/id/258753	US Government Resource
http://www.securityfocus.com/archive/1/455200/100/0/threaded
http://www.securityfocus.com/bid/21723
http://www.vupen.com/english/advisories/2006/5134
http://www.zerodayinitiative.com/advisories/ZDI-06-054.html	Patch Vendor Advisory
https://secure-support.novell.com/KanisaPlatform/Publishing/134/3096026_f.SAL_Public.html	Patch

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:novell:netmail::e-ftfl::::::*
	cpe:2.3:a:novell:netmail:3.0.1:::::::*
	cpe:2.3:a:novell:netmail:3.0.3a:a::::::
	cpe:2.3:a:novell:netmail:3.0.3a:b::::::
	cpe:2.3:a:novell:netmail:3.1:::::::*
	cpe:2.3:a:novell:netmail:3.1:f::::::
	cpe:2.3:a:novell:netmail:3.5:::::::*
	cpe:2.3:a:novell:netmail:3.10:::::::*
	cpe:2.3:a:novell:netmail:3.10:a::::::
	cpe:2.3:a:novell:netmail:3.10:b::::::
	cpe:2.3:a:novell:netmail:3.10:c::::::
	cpe:2.3:a:novell:netmail:3.10:d::::::
	cpe:2.3:a:novell:netmail:3.10:e::::::
	cpe:2.3:a:novell:netmail:3.10:f::::::
	cpe:2.3:a:novell:netmail:3.10:g::::::
	cpe:2.3:a:novell:netmail:3.10:h::::::

History

21 Nov 2024, 00:22

Type	Values Removed	Values Added
References	~~() http://secunia.com/advisories/23437 - Patch, Vendor Advisory~~	() http://secunia.com/advisories/23437 - Patch, Vendor Advisory
References	~~() http://securityreason.com/securityalert/2080 -~~	() http://securityreason.com/securityalert/2080 -
References	~~() http://securitytracker.com/id?1017437 - Patch~~	() http://securitytracker.com/id?1017437 - Patch
References	~~() http://www.kb.cert.org/vuls/id/258753 - US Government Resource~~	() http://www.kb.cert.org/vuls/id/258753 - US Government Resource
References	~~() http://www.securityfocus.com/archive/1/455200/100/0/threaded -~~	() http://www.securityfocus.com/archive/1/455200/100/0/threaded -
References	~~() http://www.securityfocus.com/bid/21723 -~~	() http://www.securityfocus.com/bid/21723 -
References	~~() http://www.vupen.com/english/advisories/2006/5134 -~~	() http://www.vupen.com/english/advisories/2006/5134 -
References	~~() http://www.zerodayinitiative.com/advisories/ZDI-06-054.html - Patch, Vendor Advisory~~	() http://www.zerodayinitiative.com/advisories/ZDI-06-054.html - Patch, Vendor Advisory
References	~~() https://secure-support.novell.com/KanisaPlatform/Publishing/134/3096026_f.SAL_Public.html - Patch~~	() https://secure-support.novell.com/KanisaPlatform/Publishing/134/3096026_f.SAL_Public.html - Patch

Information

Published : 2006-12-27 01:28

Updated : 2024-11-21 00:22

NVD link : CVE-2006-6425

Mitre link : CVE-2006-6425

CVE.ORG link : CVE-2006-6425

JSON object : View

Products Affected

novell

netmail

CWE

NVD-CWE-Other

9.0 /10