9

CVE-2006-6424

EPSS 64.13%
Published 27.12.2006 01:28:00
Last modified 09.04.2025 00:30:58
Source cve@mitre.org
Teams watchlist Login
Open Login

Multiple buffer overflows in Novell NetMail before 3.52e FTF2 allow remote attackers to execute arbitrary code (1) by appending literals to certain IMAP verbs when specifying command continuation requests to IMAPD, resulting in a heap overflow; and (2) via crafted arguments to the STOR command to the Network Messaging Application Protocol (NMAP) daemon, resulting in a stack overflow.

Affected products Warnungen 0 Metrics 2 CWE 0 References 17

Data is provided by the National Vulnerability Database (NVD)

Novell ≫ Netmail Updatee-ftfl Version <= 3.5.2

Novell ≫ Netmail Version3.0.1

Novell ≫ Netmail Version3.0.3a Updatea

Novell ≫ Netmail Version3.0.3a Updateb

Novell ≫ Netmail Version3.1

Novell ≫ Netmail Version3.1 Updatef

Novell ≫ Netmail Version3.5

Novell ≫ Netmail Version3.10

Novell ≫ Netmail Version3.10 Updatea

Novell ≫ Netmail Version3.10 Updateb

Novell ≫ Netmail Version3.10 Updatec

Novell ≫ Netmail Version3.10 Updated

Novell ≫ Netmail Version3.10 Updatee

Novell ≫ Netmail Version3.10 Updatef

Novell ≫ Netmail Version3.10 Updateg

Novell ≫ Netmail Version3.10 Updateh

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	64.13%	0.984

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	9	8	10	AV:N/AC:L/Au:S/C:C/I:C/A:C

https://secure-support.novell.com/KanisaPlatform/Publishing/134/3096026_f.SAL_Public.html

Patch

http://secunia.com/advisories/23437

Patch

Vendor Advisory

http://securityreason.com/securityalert/2081

http://securitytracker.com/id?1017437

Patch

http://www.cirt.dk/advisories/cirt-48-advisory.txt

Patch

Vendor Advisory

http://www.kb.cert.org/vuls/id/381161

US Government Resource

http://www.kb.cert.org/vuls/id/912505

US Government Resource

http://www.securityfocus.com/archive/1/455201/100/0/threaded

http://www.securityfocus.com/archive/1/455202/100/0/threaded

http://www.securityfocus.com/bid/21724

http://www.securityfocus.com/bid/21725

http://www.vupen.com/english/advisories/2006/5134

http://www.zerodayinitiative.com/advisories/ZDI-06-052.html

Patch

Vendor Advisory

http://www.zerodayinitiative.com/advisories/ZDI-06-053.html

Patch

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2006-6424

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2006-6424

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2006-6424

EUVD