|
|
Family: Gain root remotely --> Category: denial
Novell NetMail IMAP Agent Long Verb Arguments Buffer Overflow Vulnerability Vulnerability Scan
Vulnerability Scan Summary
Checks for long verb arguments buffer overflow vulnerability in Novell NetMail's IMAP agent
Detailed Explanation for this Vulnerability Test
Synopsis :
The remote IMAP server is affected by a buffer overflow vulnerability.
Description :
The remote host is running Novell NetMail, a messaging and calendaring
system for Windows, Linux, Unix, and Netware.
The IMAP agent installed on the remote host as part of Novell NetMail
is affected by a stack-based buffer overflow due to its improper
handling of long arguments to selected IMAP commands while in an
authenticated state. Successful exploitation of this issue may lead
to the execution of arbitrary code on the remote host.
See also :
http://www.zerodayinitiative.com/advisories/ZDI-05-003.html
http://support.novell.com/filefinder/19357/beta.html
Solution :
Upgrade to NetMail 3.52E FTF (Field Test File) 1 or later.
Threat Level:
High / CVSS Base Score : 7.0
(AV:R/AC:L/Au:NR/C:P/I:P/A:P/B:N)
Click HERE for more information and discussions on this network vulnerability scan.
|
