Check Point Advisories

Preemptive Protection against Novell NetMail IMAP 'APPEND' Buffer Overflow Vulnerability

Check Point Reference: CPAI-2007-005
Date Published: 11 Jan 2007
Severity: High
Last Updated: Wednesday 25 April, 2007
Source: Secunia Advisory: SA23437
Industry Reference: CVE-2006-6425
Protection Provided by:
Who is Vulnerable? Novell NetMail version 3.52 and prior
Vulnerability Description: Novell NetMail is an electronic mail server product that supports various email access and exchange protocols, including the Internet Message Access Protocol (IMAP). IMAP is a standard protocol for accessing e-mail from a local server that provides management of received messages on a remote server. A buffer overflow vulnerability exists in the Novell NetMail IMAP service. A remote attacker can exploit this issue to trigger a buffer overflow, which may lead to an application crash and to arbitrary code execution.
Update/Patch Available: Apply patches:

Novell NetMail 3.52e FTF 2 for NetWare:
http://support.novell.com/cgi-bin/search/searchtid.cgi?/2974927.htm

Novell NetMail 3.52e FTF 2 for Windows:
http://support.novell.com/cgi-bin/search/searchtid.cgi?/2974928.htm

Novell NetMail 3.52e FTF 2 for Linux:
http://support.novell.com/cgi-bin/search/searchtid.cgi?/2974929.htm

Vulnerability Details: The vulnerability is due to a buffer overflow error when processing malformed IMAP commands. A remote attacker can exploit this flaw via a specially crafted 'APPEND' command with an overly long string in its parameter. Successful exploitation may allow an attacker to create a denial of service condition or execute arbitrary code on an affected system.
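
A detection check for the condition described above, added here as an example; it is not Check Point's or Novell's code. It parses IMAP client command lines and flags APPEND commands whose arguments exceed a length limit, while ignoring the size of the message-body literal, which may legitimately be large. The 255-byte limit, the function names and the sample lines are assumptions: the advisory does not state which parameter or what length triggers the overflow.

```python
import re

# Assumed policy limit: the advisory gives no length, so set this to the
# longest mailbox name your site legitimately uses.
MAX_ARG_LEN = 255

# A trailing {n} (or {n+}) announces a literal of n octets that follows.
LITERAL = re.compile(r"\{(\d+)\+?\}$")
# Quoted string, parenthesised flag list, or bare atom.
TOKEN = re.compile(r'"(?:[^"\\]|\\.)*"|\([^)]*\)|\S+')

def check_append(line, max_arg_len=MAX_ARG_LEN):
    """Return (tag, kind, size) findings for one client line without CRLF."""
    parts = line.split(" ", 2)
    if len(parts) < 3 or parts[1].upper() != "APPEND":
        return []
    tag, rest = parts[0], parts[2].strip()
    findings = []
    lit = LITERAL.search(rest)
    if lit:
        rest = rest[:lit.start()].rstrip()
        # With nothing before it, the literal is the mailbox name itself,
        # so its announced size is subject to the limit. Otherwise it is
        # the message body, which may legitimately be large.
        if not rest and int(lit.group(1)) > max_arg_len:
            findings.append((tag, "mailbox-literal", int(lit.group(1))))
    for tok in TOKEN.findall(rest):
        if len(tok) > max_arg_len:
            findings.append((tag, "argument", len(tok)))
    return findings

# Constructed sample client lines (not captured traffic).
SAMPLE = [
    "a1 APPEND INBOX (\\Seen) {310}",
    "a2 SELECT INBOX",
    "a3 APPEND INBOX {1048576}",
    'a4 APPEND "' + "A" * 600 + '" {310}',
    "a5 APPEND {4096}",
]

def scan(lines):
    """Run check_append over a list of client lines and collect findings."""
    return [f for line in lines for f in check_append(line)]

if __name__ == "__main__":
    for finding in scan(SAMPLE):
        print(finding)
```

The check works on one command line at a time, so arguments sent on a continuation line after a mailbox literal are not inspected.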

Protection Overview
