Novell.NetMail.WebAdmin.Username.Buffer.Overflow
Description
There is a stack-based buffer overflow vulnerability in Novell NetMail WebAdmin service. It is due to a boundary check error when performing HTTP basic authentication. An attacker can exploit this vulnerability by sending a specially crafted HTTP Basic authentication username to the 'webadmin.exe' process, and can then execute arbitrary code on the target system.
Affected Products
Novell NetMail 3.52 D
Novell NetMail 3.52 C1
Novell NetMail 3.52 C
Novell NetMail 3.52 B
Novell NetMail 3.52 A
Novell NetMail 3.52
Novell NetMail 3.52e-ftfl
Impact
System compromise, arbitrary code execution.
Recommended Actions
The vendor has released version 3.52E to address this issue. Please apply it.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |