CVE-2006-6425

Related Files

Novell NetMail <= 3.52d IMAP APPEND Buffer Overflow

Posted Nov 26, 2009

Authored by MC | Site metasploit.com

This Metasploit module exploits a stack overflow in Novell's Netmail 3.52 IMAP APPEND verb. By sending an overly long string, an attacker can overwrite the buffer and control program execution.

tags | exploit, overflow, imap

advisories | CVE-2006-6425

SHA-256 | c2b343f8b2b08c2acbc1a657fc530022dd5ded78e281457e1ff77f70c7f431bb

Download | Favorite | View

Zero Day Initiative Advisory 06-054

Posted Dec 27, 2006

Authored by Tipping Point | Site zerodayinitiative.com

A vulnerability allows remote attackers to execute arbitrary code on affected installations of Novell NetMail. Successful exploitation requires the attacker to successfully authenticate to the affected service. The specific flaw exists in the NetMail IMAP server's handling of the APPEND command. A lack of bounds checking on a specific parameter to this command can lead to a stack-based buffer overflow. This vulnerability can be exploited to execute arbitrary code. Novell NetMail 3.5.2 is affected.

tags | advisory, remote, overflow, arbitrary, imap

advisories | CVE-2006-6425

SHA-256 | d83fcb45bcf0511752fc543515acd50fb5294460571860e33791f4a4924a19b1

Download | Favorite | View