Intrusion Prevention

Novell.NetMail.AntiVirus.Agent.Buffer.Overflow

Description

This indicates an attempt to exploit a heap based buffer overflow in Novell NetMail.
The vulnerability is caused by failure to check user input in AntiVirus Agent. It may allow remote attackers to execute arbitrary code via a crafted tcp packet sent to the avirus.exe service.

Affected Products

Novell NetMail 3.52 E
Novell NetMail 3.52 D
Novell NetMail 3.52 C1
Novell NetMail 3.52 C
Novell NetMail 3.52 B
Novell NetMail 3.52 A
Novell NetMail 3.52
Novell NetMail 3.52e-ftfl
Novell NetMail 3.52e _FTF2
Messaging Architects M+Netmail 3.52

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Apply patch, available from the website:
Messaging Architects M+Netmail 3.52
Messaging Architects M+NetMail 3.5.2F Patch for Linux
http://www.messagingarchitects.com/en/sales/files/netmail352f_lin.tgz
Messaging Architects M+NetMail 3.5.2F Patch for NetWare
http://www.messagingarchitects.com/en/sales/files/netmail352f_nw.zip
Messaging Architects M+NetMail 3.5.2F Patch for Windows
http://www.messagingarchitects.com/en/sales/files/netmail352f_win.zip

CVE References

CVE-2007-6302