Intrusion Prevention



There is a stack-based buffer overflow vulnerability in Novell NetMail WebAdmin service. It is due to a boundary check error when performing HTTP basic authentication. An attacker can exploit this vulnerability by sending a specially crafted HTTP Basic authentication username to the 'webadmin.exe' process, and can then execute arbitrary code on the target system.

Affected Products

Novell NetMail 3.52 D
Novell NetMail 3.52 C1
Novell NetMail 3.52 C
Novell NetMail 3.52 B
Novell NetMail 3.52 A
Novell NetMail 3.52
Novell NetMail 3.52e-ftfl


System compromise, arbitrary code execution.

Recommended Actions

The vendor has released version 3.52E to address this issue. Please apply it.

CVE References