NetMail IMAP buffer overflow

Added: 11/30/2005
CVE: CVE-2005-3314
BID: 15491
OSVDB: 20956

Background

Novell NetMail is an e-mail and calendaring server application.

Problem

A buffer overflow in the NetMail IMAP service could allow authenticated users to execute arbitrary commands using a long, specially crafted argument to certain commands.

Resolution

Install NetMail 3.52e FTF 1.

References

http://archives.neohapsis.com/archives/vulnwatch/2005-q4/0050.html

Limitations

Exploit works against NetMail 3.5.2.

Platforms

Windows 2000
Windows XP

Back to exploit index