Info

Disclosure

Nov 18, 2005

Discovery

Oct 24, 2005

Dates

Exploit

Nov 17, 2005

Solution

Unknown

Description

A remote overflow exists in Novell NetMail. The IMAP service fails to perform proper bounds checking resulting in a stack-based buffer overflow. With a specially crafted request containing an overly long verb argument, a remote attacker can cause arbitrary code execution resulting in a loss of integrity.

Classification

Location: Remote / Network Access
Attack Type: Input Manipulation
Impact: Loss of Integrity
Exploit: Exploit Private
Disclosure: OSVDB Verified

Solution

Upgrade to version 3.52e or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Products

Novell, Inc.

NetMail

3.52D

References

Security Tracker: 1015240
Secunia Advisory ID: 17641
SCIP VulDB ID: 1911
CVE ID: 2005-3314 (see also: NVD)
Metasploit ID: 20956
ISS X-Force ID: 23114
Mail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2005-11/0599.html
Vendor Specific Advisory URL: http://support.novell.com/cgi-bin/search/searchtid.cgi?/2972665.htm
http://support.novell.com/cgi-bin/search/searchtid.cgi?/2972672.htm
http://support.novell.com/cgi-bin/search/searchtid.cgi?/2972673.htm
Generic Exploit URL: http://www.metasploit.com
Vendor URL: http://www.novell.com/
Other Advisory URL: http://www.zerodayinitiative.com/advisories/ZDI-05-003.html
Keyword: ZDI-05-003

Credit

Sebastian Apelt - webmasterbuzzworld.org -

Direct URL: http://osvdb.org/36218