What is CVE-2006-6424?

CVE-2006-6424 is a vulnerability in N/a. Published 2006-12-27.

Is CVE-2006-6424 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2006-6424

Multiple buffer overflows in Novell NetMail before 3.52e FTF2 allow remote attackers to execute arbitrary code (1) by appending literals to certain IMAP verbs when specifying command continuation requests to IMAPD, resulting in a heap over…

EPSS: 0.692 (98.7th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

rapid7/metasploit-framework

References

VU#381161 (x_refsource_CERT-VN, third-party-advisory)
secure-support.novell.com/KanisaPlatform/Publishing/134/3096026_f.SAL_Public.ht… (x_refsource_CONFIRM)
2081 (x_refsource_SREASON, third-party-advisory)
21725 (vdb-entry, x_refsource_BID)
20061223 ZDI-06-052: Novell NetMail NMAP STOR Buffer Overflow Vulnerability (mailing-list, x_refsource_BUGTRAQ)
ADV-2006-5134 (vdb-entry, x_refsource_VUPEN)
www.cirt.dk/advisories/cirt-48-advisory.txt (x_refsource_MISC)
1017437 (vdb-entry, x_refsource_SECTRACK)
www.zerodayinitiative.com/advisories/ZDI-06-053.html (x_refsource_MISC)
www.zerodayinitiative.com/advisories/ZDI-06-052.html (x_refsource_MISC)

Frequently asked questions

What is CVE-2006-6424?: CVE-2006-6424 is a vulnerability in N/a. Published 2006-12-27.
Is CVE-2006-6424 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.