| Vulnerability Name: | CVE-2006-6424 (CCN-31070) | ||||||||
| Assigned: | 2006-12-22 | ||||||||
| Published: | 2006-12-22 | ||||||||
| Updated: | 2018-10-17 | ||||||||
| Summary: | Multiple buffer overflows in Novell NetMail before 3.52e FTF2 allow remote attackers to execute arbitrary code (1) by appending literals to certain IMAP verbs when specifying command continuation requests to IMAPD, resulting in a heap overflow; and (2) via crafted arguments to the STOR command to the Network Messaging Application Protocol (NMAP) daemon, resulting in a stack overflow. Successful exploitation requires a valid user account. This vulnerability is addressed in the following product update: Novell, NetMail, 3.52e FTF2 | ||||||||
| CVSS v3 Severity: | 5.5 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L)
| ||||||||
| CVSS v2 Severity: | 9.0 High (CVSS v2 Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C) 6.7 Medium (Temporal CVSS v2 Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C/E:U/RL:OF/RC:C)
4.8 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P/E:U/RL:OF/RC:C)
| ||||||||
| Vulnerability Type: | CWE-Other | ||||||||
| Vulnerability Consequences: | Gain Access | ||||||||
| References: | Source: MITRE Type: CNA CVE-2006-6424 Source: CCN Type: SA23437 Novell NetMail NMAP/IMAP Multiple Vulnerabilities Source: SECUNIA Type: Patch, Vendor Advisory 23437 Source: SREASON Type: UNKNOWN 2081 Source: CCN Type: SECTRACK ID: 1017437 Novell NetMail Buffer Overflows in IMAP and NMAP Services Let Remote Users Execute Arbitrary Code Source: SECTRACK Type: Patch 1017437 Source: MISC Type: Patch, Vendor Advisory http://www.cirt.dk/advisories/cirt-48-advisory.txt Source: CCN Type: US-CERT VU#381161 Novell NetMail IMAP vulnerable to buffer overflow when processing command continuation requests Source: CERT-VN Type: US Government Resource VU#381161 Source: CCN Type: US-CERT VU#912505 Novell NetMail NMAP vulnerable to buffer overflow when processing "STOR" commands Source: CERT-VN Type: US Government Resource VU#912505 Source: BUGTRAQ Type: UNKNOWN 20061223 ZDI-06-052: Novell NetMail NMAP STOR Buffer Overflow Vulnerability Source: BUGTRAQ Type: UNKNOWN 20061223 ZDI-06-053: Novell NetMail IMAP Verb Literal Heap Overflow Vulnerability Source: BID Type: UNKNOWN 21724 Source: CCN Type: BID-21724 Novell Netmail IMAP Verb Literal Heap Overflow Vulnerability Source: BID Type: UNKNOWN 21725 Source: CCN Type: BID-21725 Novell Netmail NMAP STOR Buffer Overflow Vulnerability Source: CCN Type: BID-21773 Novell Netmail Multiple Services Unspecified Stack Buffer Overflow Vulnerabilities Source: VUPEN Type: UNKNOWN ADV-2006-5134 Source: MISC Type: Patch, Vendor Advisory http://www.zerodayinitiative.com/advisories/ZDI-06-052.html Source: MISC Type: Patch, Vendor Advisory http://www.zerodayinitiative.com/advisories/ZDI-06-053.html Source: XF Type: UNKNOWN netmail-imap-verbs-bo(31070) Source: CCN Type: Novell Security Alert 3096026 Security Vulnerabilities: Buffer Overrun in NetMail 3.52 Source: CONFIRM Type: Patch https://secure-support.novell.com/KanisaPlatform/Publishing/134/3096026_f.SAL_Public.html Source: CCN Type: ZDI-06-052 Novell NetMail NMAP STOR Buffer Overflow Vulnerability Source: CCN Type: ZDI-06-053 Novell NetMail IMAP Verb Literal Heap Overflow Vulnerability | ||||||||
| Vulnerable Configuration: | Configuration 1: Denotes that component is vulnerable | ||||||||
| Vulnerability Name: | CVE-2006-6424 (CCN-31075) | ||||||||
| Assigned: | 2006-12-22 | ||||||||
| Published: | 2006-12-22 | ||||||||
| Updated: | 2006-12-22 | ||||||||
| Summary: | Novell NetMail is vulnerable to a stack-based buffer overflow, caused by improper bounds checking in the NMAP service. By sending a specially-crafted argument to the STOR command, a remote authenticated attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. | ||||||||
| CVSS v3 Severity: | 5.5 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L)
| ||||||||
| CVSS v2 Severity: | 9.0 High (CVSS v2 Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C) 7.5 High (Temporal CVSS v2 Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C/E:F/RL:OF/RC:C)
5.4 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P/E:F/RL:OF/RC:C)
| ||||||||
| Vulnerability Consequences: | Gain Access | ||||||||
| References: | Source: MITRE Type: CNA CVE-2006-6424 Source: CCN Type: SA23437 Novell NetMail NMAP/IMAP Multiple Vulnerabilities Source: CCN Type: SECTRACK ID: 1017437 Novell NetMail Buffer Overflows in IMAP and NMAP Services Let Remote Users Execute Arbitrary Code Source: CCN Type: US-CERT VU#381161 Novell NetMail IMAP vulnerable to buffer overflow when processing command continuation requests Source: CCN Type: US-CERT VU#912505 Novell NetMail NMAP vulnerable to buffer overflow when processing "STOR" commands Source: CCN Type: BID-21724 Novell Netmail IMAP Verb Literal Heap Overflow Vulnerability Source: CCN Type: BID-21725 Novell Netmail NMAP STOR Buffer Overflow Vulnerability Source: CCN Type: BID-21773 Novell Netmail Multiple Services Unspecified Stack Buffer Overflow Vulnerabilities Source: XF Type: UNKNOWN netmail-stor-bo(31075) Source: CCN Type: Novell Security Alert 3096026 Security Vulnerabilities: Buffer Overrun in NetMail 3.52 Source: CCN Type: Rapid7 Vulnerability and Exploit Database [12-23-2006] Novell NetMail NMAP STOR Buffer Overflow Source: CCN Type: ZDI-06-052 Novell NetMail NMAP STOR Buffer Overflow Vulnerability Source: CCN Type: ZDI-06-053 Novell NetMail IMAP Verb Literal Heap Overflow Vulnerability | ||||||||
| Vulnerable Configuration: | Configuration CCN 1: Denotes that component is vulnerable | ||||||||
| BACK | |||||||||