CyberSec.Space Logo
Back to CVE Browser

CVE-2006-6424

CRITICAL
9.0
CVSS Severity Score
EPSS Score0.0620%
EPSS Percentile38.28th
PublishedDec 27, 2006
Last ModifiedApr 23, 2026

Vulnerability Description

Multiple buffer overflows in Novell NetMail before 3.52e FTF2 allow remote attackers to execute arbitrary code (1) by appending literals to certain IMAP verbs when specifying command continuation requests to IMAPD, resulting in a heap overflow; and (2) via crafted arguments to the STOR command to the Network Messaging Application Protocol (NMAP) daemon, resulting in a stack overflow.

Affected Platforms (CPE)

πŸ“¦
Novell

Netmail

<= 3.5.2
πŸ“¦
Novell

Netmail

= 3.0.1
πŸ“¦
Novell

Netmail

= 3.0.3a
πŸ“¦
Novell

Netmail

= 3.0.3a
πŸ“¦
Novell

Netmail

= 3.1
πŸ“¦
Novell

Netmail

= 3.1
πŸ“¦
Novell

Netmail

= 3.5
πŸ“¦
Novell

Netmail

= 3.10
πŸ“¦
Novell

Netmail

= 3.10
πŸ“¦
Novell

Netmail

= 3.10
πŸ“¦
Novell

Netmail

= 3.10
πŸ“¦
Novell

Netmail

= 3.10
πŸ“¦
Novell

Netmail

= 3.10
πŸ“¦
Novell

Netmail

= 3.10
πŸ“¦
Novell

Netmail

= 3.10
πŸ“¦
Novell

Netmail

= 3.10

References & Advisories

πŸ”— http://secunia.com/advisories/23437
πŸ”— http://securityreason.com/securityalert/2081
πŸ”— http://securitytracker.com/id?1017437
πŸ”— http://www.cirt.dk/advisories/cirt-48-advisory.txt
πŸ”— http://www.kb.cert.org/vuls/id/381161
πŸ”— http://www.kb.cert.org/vuls/id/912505
πŸ”— http://www.securityfocus.com/archive/1/455201/100/0/threaded
πŸ”— http://www.securityfocus.com/archive/1/455202/100/0/threaded

Related Vulnerabilities

CVE-2007-261610.0

Stack-based buffer overflow in the SSL version of the NMDMC.EXE service in Novell NetMail 3.52e FTF2 and probably earlier allows r...

CVE-2006-64259.0

Stack-based buffer overflow in the IMAP daemon (IMAPD) in Novell NetMail before 3.52e FTF2 allows remote authenticated users to ex...

CVE-2005-17587.5

Buffer overflow in the IMAP command continuation function in Novell NetMail 3.52 before 3.52C may allow remote attackers to execut...

CVE-2002-09967.5

Multiple buffer overflows in Novell NetMail (NIMS) 3.0.3 before 3.0.3C allows remote attackers to cause a denial of service and po...