CVE-2006-6424 Information

Feb 14, 2021 cve

Description

Multiple buffer overflows in Novell NetMail before 3.52e FTF2 allow remote attackers to execute arbitrary code (1) by appending literals to certain IMAP verbs when specifying command continuation requests to IMAPD resulting in a heap overflow; and (2) via crafted arguments to the STOR command to the Network Messaging Application Protocol (NMAP) daemon resulting in a stack overflow.

Reference

http://secunia.com/advisories/23437 http://securityreason.com/securityalert/2081 http://securitytracker.com/id?1017437 http://www.cirt.dk/advisories/cirt-48-advisory.txt http://www.kb.cert.org/vuls/id/381161 http://www.kb.cert.org/vuls/id/912505 http://www.securityfocus.com/archive/1/455201/100/0/threaded http://www.securityfocus.com/archive/1/455202/100/0/threaded http://www.securityfocus.com/bid/21724 http://www.securityfocus.com/bid/21725 http://www.vupen.com/english/advisories/2006/5134 http://www.zerodayinitiative.com/advisories/ZDI-06-052.html http://www.zerodayinitiative.com/advisories/ZDI-06-053.html https://secure-support.novell.com/KanisaPlatform/Publishing/134/3096026_f.SAL_Public.html

Share on: