Multiple heap-based buffer overflows in avirus.exe in Novell NetMail 3.5.2 before Messaging Architects M+NetMail 3.52f (aka 3.5.2F) allows remote attackers to execute arbitrary code via unspecified ASCII integers used as memory allocation arguments, aka "ZDI-CAN-162."
Max CVSS
6.8
EPSS Score
37.37%
Published
2007-12-10
Updated
2018-10-15
Stack-based buffer overflow in the SSL version of the NMDMC.EXE service in Novell NetMail 3.52e FTF2 and probably earlier allows remote attackers to execute arbitrary code via a crafted request.
Max CVSS
10.0
EPSS Score
68.22%
Published
2007-05-11
Updated
2017-07-29
Stack-based buffer overflow in webadmin.exe in Novell NetMail 3.5.2 allows remote attackers to execute arbitrary code via a long username during HTTP Basic authentication.
Max CVSS
6.8
EPSS Score
94.74%
Published
2007-03-08
Updated
2018-10-16

CVE-2006-6761

Public exploit
Stack-based buffer overflow in the IMAP daemon (IMAPD) in Novell NetMail before 3.52e FTF2 allows remote authenticated users to execute arbitrary code via a long argument to the SUBSCRIBE command.
Max CVSS
6.5
EPSS Score
16.56%
Published
2006-12-27
Updated
2011-03-08

CVE-2006-6425

Public exploit
Stack-based buffer overflow in the IMAP daemon (IMAPD) in Novell NetMail before 3.52e FTF2 allows remote authenticated users to execute arbitrary code via unspecified vectors involving the APPEND command.
Max CVSS
9.0
EPSS Score
16.33%
Published
2006-12-27
Updated
2018-10-17

CVE-2006-6424

Public exploit
Multiple buffer overflows in Novell NetMail before 3.52e FTF2 allow remote attackers to execute arbitrary code (1) by appending literals to certain IMAP verbs when specifying command continuation requests to IMAPD, resulting in a heap overflow; and (2) via crafted arguments to the STOR command to the Network Messaging Application Protocol (NMAP) daemon, resulting in a stack overflow.
Max CVSS
9.0
EPSS Score
88.44%
Published
2006-12-27
Updated
2018-10-17

CVE-2005-3314

Public exploit
Stack-based buffer overflow in the IMAP daemon in Novell Netmail 3.5.2 allows remote attackers to execute arbitrary code via "long verb arguments."
Max CVSS
7.5
EPSS Score
85.32%
Published
2005-11-18
Updated
2017-07-11
Novell NetMail automatically processes HTML in an attachment without prompting the user to save or open it, which makes it easier for remote attackers to conduct web-based attacks and steal cookies.
Max CVSS
6.4
EPSS Score
1.83%
Published
2005-07-09
Updated
2011-03-08
Buffer overflow in the IMAP command continuation function in Novell NetMail 3.52 before 3.52C may allow remote attackers to execute arbitrary code.
Max CVSS
7.5
EPSS Score
20.10%
Published
2005-06-08
Updated
2011-03-08
Buffer overflow in the Modweb agent for Novell NetMail 3.52 before 3.52C, when renaming folders, may allow attackers to execute arbitrary code.
Max CVSS
7.5
EPSS Score
1.65%
Published
2005-06-08
Updated
2011-03-08
Novell Internet Messaging System (NIMS) 2.6 and 3.0, and NetMail 3.1 and 3.5, is installed with a default NMAP authentication credential, which allows remote attackers to read and write mail store data if the administrator does not change the credential by using the NMAP Credential Generator.
Max CVSS
6.4
EPSS Score
0.39%
Published
2004-12-31
Updated
2008-09-05
Multiple buffer overflows in Novell NetMail (NIMS) 3.0.3 before 3.0.3C allows remote attackers to cause a denial of service and possibly execute arbitrary code via (1) WebAdmin or (2) ModWeb.
Max CVSS
7.5
EPSS Score
4.53%
Published
2002-10-04
Updated
2008-09-05
12 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!