Novell Home

My Favorites

Close

Please to see your favorites.

Security Vulnerabilities: NetMail Buffer Overrun and Denial of Service

This document (3717068) is provided subject to the disclaimer at the end of this document.

Environment

Novell NetMail 3.52

Situation

Existing version of NetMail 3.52 can be vulnerable to attack when the following buffers are overrun.
IMAPD subscribe Buffer
The vulnerability could allow remote execution of code on the server running NetMail.
 
Existing version of NetMail 3.52 can be also vulnerable to:
IMAP Denial of Service Issue.
This vulnerability is limited to a Dos only condition and requires authentication in order to exploit it.
 
 

Resolution

Status

Reported to Engineering
Security Alert

Additional Information

Novell would like to thank Dennis Rand of CIRT.DK working with iDEFENSE (www.idefense.comfor reporting the following issues.
 
[IDEF1651] Novell NetMail IMAPD subscribe Buffer Overflow Vulnerability.
[IDEF1792] Novell Netmail IMAP Denial of Service Vulnerability
 

Disclaimer

This Support Knowledgebase provides a valuable tool for NetIQ/Novell/SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.

  • Document ID:3717068
  • Creation Date:22-DEC-06
  • Modified Date:16-MAR-12

Did this document solve your problem? Provide Feedback