ID CVE-2006-6761
Summary Stack-based buffer overflow in the IMAP daemon (IMAPD) in Novell NetMail before 3.52e FTF2 allows remote authenticated users to execute arbitrary code via a long argument to the SUBSCRIBE command. This vulnerability is addressed in the following product update: Novell, NetMail, 3.52e FTF2
References
Vulnerable Configurations
  • cpe:2.3:a:novell:netmail:3.5.2:a:*:*:*:*:*:*
    cpe:2.3:a:novell:netmail:3.5.2:a:*:*:*:*:*:*
  • cpe:2.3:a:novell:netmail:3.5.2:b:*:*:*:*:*:*
    cpe:2.3:a:novell:netmail:3.5.2:b:*:*:*:*:*:*
  • cpe:2.3:a:novell:netmail:3.5.2:c:*:*:*:*:*:*
    cpe:2.3:a:novell:netmail:3.5.2:c:*:*:*:*:*:*
  • cpe:2.3:a:novell:netmail:3.5.2:c1:*:*:*:*:*:*
    cpe:2.3:a:novell:netmail:3.5.2:c1:*:*:*:*:*:*
  • cpe:2.3:a:novell:netmail:3.5.2:d:*:*:*:*:*:*
    cpe:2.3:a:novell:netmail:3.5.2:d:*:*:*:*:*:*
  • cpe:2.3:a:novell:netmail:3.5.2:e-ftfl:*:*:*:*:*:*
    cpe:2.3:a:novell:netmail:3.5.2:e-ftfl:*:*:*:*:*:*
CVSS
Base: 6.5 (as of 08-03-2011 - 02:46)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW SINGLE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:L/Au:S/C:P/I:P/A:P
refmap via4
bid 21728
cert-vn VU#863313
confirm https://secure-support.novell.com/KanisaPlatform/Publishing/328/3717068_f.SAL_Public.html
idefense 20061223 Novell NetMail IMAPD subscribe Buffer Overflow Vulnerability
sectrack 1017437
secunia 23437
vupen ADV-2006-5134
Last major update 08-03-2011 - 02:46
Published 27-12-2006 - 02:28
Last modified 08-03-2011 - 02:46
Back to Top