Novell : Security Vulnerabilities, CVEs, Published In 2006 CVSS score >= 5
CVE-2006-6761
Public exploit
Stack-based buffer overflow in the IMAP daemon (IMAPD) in Novell NetMail before 3.52e FTF2 allows remote authenticated users to execute arbitrary code via a long argument to the SUBSCRIBE command.
Max CVSS
6.5
EPSS Score
15.43%
Published
2006-12-27
Updated
2011-03-08
CVE-2006-6425
Public exploit
Stack-based buffer overflow in the IMAP daemon (IMAPD) in Novell NetMail before 3.52e FTF2 allows remote authenticated users to execute arbitrary code via unspecified vectors involving the APPEND command.
Max CVSS
9.0
EPSS Score
16.33%
Published
2006-12-27
Updated
2018-10-17
CVE-2006-6424
Public exploit
Multiple buffer overflows in Novell NetMail before 3.52e FTF2 allow remote attackers to execute arbitrary code (1) by appending literals to certain IMAP verbs when specifying command continuation requests to IMAPD, resulting in a heap overflow; and (2) via crafted arguments to the STOR command to the Network Messaging Application Protocol (NMAP) daemon, resulting in a stack overflow.
Max CVSS
9.0
EPSS Score
89.57%
Published
2006-12-27
Updated
2018-10-17
CVE-2006-5478
Public exploit
Multiple stack-based buffer overflows in Novell eDirectory 8.8.x before 8.8.1 FTF1, and 8.x up to 8.7.3.8, and Novell NetMail before 3.52e FTF2, allow remote attackers to execute arbitrary code via (1) a long HTTP Host header, which triggers an overflow in the BuildRedirectURL function; or vectors related to a username containing a . (dot) character in the (2) SMTP, (3) POP, (4) IMAP, (5) HTTP, or (6) Networked Messaging Application Protocol (NMAP) Netmail services.
Max CVSS
7.5
EPSS Score
95.58%
Published
2006-10-24
Updated
2018-10-17
CVE-2006-0992
Public exploit
Stack-based buffer overflow in Novell GroupWise Messenger before 2.0 Public Beta 2 allows remote attackers to execute arbitrary code via a long Accept-Language value without a comma or semicolon. NOTE: due to a typo, the original ZDI advisory accidentally referenced CVE-2006-0092. This is the correct identifier.
Max CVSS
10.0
EPSS Score
35.09%
Published
2006-04-14
Updated
2018-10-18
5 vulnerabilities found