9

CVE-2006-6424

EPSS 63.43%
Veröffentlicht 27.12.2006 01:28:00
Zuletzt bearbeitet 09.04.2025 00:30:58
Quelle cve@mitre.org
Teams Watchlist Login
Unerledigt Login

Multiple buffer overflows in Novell NetMail before 3.52e FTF2 allow remote attackers to execute arbitrary code (1) by appending literals to certain IMAP verbs when specifying command continuation requests to IMAPD, resulting in a heap overflow; and (2) via crafted arguments to the STOR command to the Network Messaging Application Protocol (NMAP) daemon, resulting in a stack overflow.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 17

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Novell ≫ Netmail Updatee-ftfl Version <= 3.5.2

Novell ≫ Netmail Version3.0.1

Novell ≫ Netmail Version3.0.3a Updatea

Novell ≫ Netmail Version3.0.3a Updateb

Novell ≫ Netmail Version3.1

Novell ≫ Netmail Version3.1 Updatef

Novell ≫ Netmail Version3.5

Novell ≫ Netmail Version3.10

Novell ≫ Netmail Version3.10 Updatea

Novell ≫ Netmail Version3.10 Updateb

Novell ≫ Netmail Version3.10 Updatec

Novell ≫ Netmail Version3.10 Updated

Novell ≫ Netmail Version3.10 Updatee

Novell ≫ Netmail Version3.10 Updatef

Novell ≫ Netmail Version3.10 Updateg

Novell ≫ Netmail Version3.10 Updateh

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	63.43%	0.983

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	9	8	10	AV:N/AC:L/Au:S/C:C/I:C/A:C

https://secure-support.novell.com/KanisaPlatform/Publishing/134/3096026_f.SAL_Public.html

Patch

http://secunia.com/advisories/23437

Patch

Vendor Advisory

http://securityreason.com/securityalert/2081

http://securitytracker.com/id?1017437

Patch

http://www.cirt.dk/advisories/cirt-48-advisory.txt

Patch

Vendor Advisory

http://www.kb.cert.org/vuls/id/381161

US Government Resource

http://www.kb.cert.org/vuls/id/912505

US Government Resource

http://www.securityfocus.com/archive/1/455201/100/0/threaded

http://www.securityfocus.com/archive/1/455202/100/0/threaded

http://www.securityfocus.com/bid/21724

http://www.securityfocus.com/bid/21725

http://www.vupen.com/english/advisories/2006/5134

http://www.zerodayinitiative.com/advisories/ZDI-06-052.html

Patch

Vendor Advisory

http://www.zerodayinitiative.com/advisories/ZDI-06-053.html

Patch

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2006-6424

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2006-6424

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2006-6424

EUVD