Info

Disclosure

Oct 12, 2005

Discovery

Jul 18, 2005

Dates

Exploit

Unknown

Solution

Unknown

Description

A remote overflow exists in Novell NetMail. The NMAP (Network Messaging Application Protocol) Agent fails to perform proper bounds checking resulting in a stack-based buffer overflow. With a specially crafted request containing an overly long username in the 'USER' command, a remote attacker can cause arbitrary code execution resulting in a loss of integrity.

Classification

Location: Remote / Network Access
Attack Type: Input Manipulation
Impact: Loss of Integrity
Exploit: Exploit Rumored
Disclosure: OSVDB Verified

Solution

Upgrade to version 3.52D or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Products

Novell, Inc.

Novell NetMail

3.52C

References

Security Tracker: 1015048
Bugtraq ID: 15080
Secunia Advisory ID: 15925
CVE ID: 2005-2469 (see also: NVD)
ISS X-Force ID: 22727
Mail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0299.html
Other Advisory URL: http://secunia.com/secunia_research/2005-23/advisory/
Vendor Specific Advisory URL: http://support.novell.com/cgi-bin/search/searchtid.cgi?/2972340.htm
http://support.novell.com/cgi-bin/search/searchtid.cgi?/2972433.htm
http://support.novell.com/cgi-bin/search/searchtid.cgi?/2972438.htm
Vendor URL: http://www.novell.com/

Credit

Tan Chew Keong - vulnsecunia.com - Secunia Research

Direct URL: http://osvdb.org/19916