Intrusion Prevention

Novell.NetMail.NMAP.STOR.Command.Buffer.Overflow

Description

This indicates an attempt to exploit a buffer-overflow vulnerability in Novell NetMail.
This vulnerability is caused by a boundary checking error when the Network Messaging Application Protocol (NMAP) daemon deals with a STOR command. It may allow remote attackers to crash the server or execute arbitrary code.

Affected Products

Novell NetMail 3.52 D
Novell NetMail 3.52 C1
Novell NetMail 3.52 C
Novell NetMail 3.52 B
Novell NetMail 3.52 A
Novell NetMail 3.52

Impact

Denial of Service
Arbitrary code execution

Recommended Actions

Apply the patch, available from the following web sites:
NetMail 3.52e FTF 2 for NetWare:
http://support.novell.com/cgi-bin/search/searchtid.cgi?/2974927.htm
NetMail 3.52e FTF 2 for Windows:
http://support.novell.com/cgi-bin/search/searchtid.cgi?/2974928.htm
NetMail 3.52e FTF 2 for Linux:
http://support.novell.com/cgi-bin/search/searchtid.cgi?/2974929.htm

CVE References

CVE-2006-6424