Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2006-6425

4 documents4 sources
Severity
9.0CRITICAL
EPSS
79.8%
top 0.90%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Novell Netmail
Timeline
PublishedDec 27
Latest updateMay 1

Description

Stack-based buffer overflow in the IMAP daemon (IMAPD) in Novell NetMail before 3.52e FTF2 allows remote authenticated users to execute arbitrary code via unspecified vectors involving the APPEND command.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 8.0 | Impact: 10.0

Affected Packages1 packages

NVDnovell/netmail3.5.2+5

Patches

Patch: secunia.comPatch: securitytracker.comPatch: www.zerodayinitiative.com

🔴Vulnerability Details

2
GHSA
GHSA-vf3p-hwgg-7hq5: Stack-based buffer overflow in the IMAP daemon (IMAPD) in Novell NetMail before 32022-05-01
CVEList
CVE-2006-6425: Stack-based buffer overflow in the IMAP daemon (IMAPD) in Novell NetMail before 32006-12-27

💥Exploits & PoCs

1
Exploit-DB
Novell NetMail 3.52d - IMAP APPEND Buffer Overflow (Metasploit)2010-05-09
CVE-2006-6425 (CRITICAL CVSS 9) | Stack-based buffer overflow in the | cvebase.io