Vulnerability Details CVE-2006-6425
Stack-based buffer overflow in the IMAP daemon (IMAPD) in Novell NetMail before 3.52e FTF2 allows remote authenticated users to execute arbitrary code via unspecified vectors involving the APPEND command.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.76
EPSS Ranking 98.8%
CVSS Severity
CVSS v2 Score 9.0
References
- http://secunia.com/advisories/23437
- http://securityreason.com/securityalert/2080
- http://securitytracker.com/id?1017437
- http://www.kb.cert.org/vuls/id/258753
- http://www.securityfocus.com/archive/1/455200/100/0/threaded
- http://www.securityfocus.com/bid/21723
- http://www.vupen.com/english/advisories/2006/5134
- http://www.zerodayinitiative.com/advisories/ZDI-06-054.html
- https://secure-support.novell.com/KanisaPlatform/Publishing/134/3096026_f.SAL_Public.html
- http://secunia.com/advisories/23437
- http://securityreason.com/securityalert/2080
- http://securitytracker.com/id?1017437
- http://www.kb.cert.org/vuls/id/258753
- http://www.securityfocus.com/archive/1/455200/100/0/threaded
- http://www.securityfocus.com/bid/21723
- http://www.vupen.com/english/advisories/2006/5134
- http://www.zerodayinitiative.com/advisories/ZDI-06-054.html
- https://secure-support.novell.com/KanisaPlatform/Publishing/134/3096026_f.SAL_Public.html
Products affected by CVE-2006-6425
-
cpe:2.3:a:novell:netmail:*
-
cpe:2.3:a:novell:netmail:3.0.1
-
cpe:2.3:a:novell:netmail:3.0.3a
-
cpe:2.3:a:novell:netmail:3.1
-
cpe:2.3:a:novell:netmail:3.10
-
cpe:2.3:a:novell:netmail:3.5