Vulnerability Description
Stack-based buffer overflow in the IMAP daemon (IMAPD) in Novell NetMail before 3.52e FTF2 allows remote authenticated users to execute arbitrary code via unspecified vectors involving the APPEND command.
CVSS Score
9.0
HIGH
AV:N/AC:L/Au:S/C:C/I:C/A:C
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Novell | Netmail | <= 3.5.2 |
References
- http://secunia.com/advisories/23437PatchVendor Advisory
- http://securityreason.com/securityalert/2080
- http://securitytracker.com/id?1017437Patch
- http://www.kb.cert.org/vuls/id/258753US Government Resource
- http://www.securityfocus.com/archive/1/455200/100/0/threaded
- http://www.securityfocus.com/bid/21723
- http://www.vupen.com/english/advisories/2006/5134
- http://www.zerodayinitiative.com/advisories/ZDI-06-054.htmlPatchVendor Advisory
- https://secure-support.novell.com/KanisaPlatform/Publishing/134/3096026_f.SAL_PuPatch
- http://secunia.com/advisories/23437PatchVendor Advisory
- http://securityreason.com/securityalert/2080
- http://securitytracker.com/id?1017437Patch
- http://www.kb.cert.org/vuls/id/258753US Government Resource
- http://www.securityfocus.com/archive/1/455200/100/0/threaded
- http://www.securityfocus.com/bid/21723
FAQ
What is CVE-2006-6425?
CVE-2006-6425 is a vulnerability with a CVSS score of 9.0 (HIGH). Stack-based buffer overflow in the IMAP daemon (IMAPD) in Novell NetMail before 3.52e FTF2 allows remote authenticated users to execute arbitrary code via unspecified vectors involving the APPEND comm...
How severe is CVE-2006-6425?
CVE-2006-6425 has been rated HIGH with a CVSS base score of 9.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2006-6425?
Check the references section above for vendor advisories and patch information. Affected products include: Novell Netmail.