Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
Date: Mon Jul 15 2002 - 07:01:09 CDT

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    PricewaterhouseCoopers Security Vulnerability Report
    No: pwc.20020630.nims_3.0.3_imapd.a

    Vulnerability Summary
    Problem: Multiple buffer overflow conditions have
                             been identified in Novell Netmail IMAP

    Threat: Denial Of Service.

    Affected Software: Novell Netmail 3.0.3.
                       Novell Netmail 3.1,
                       Novell Netmail XE 3.1.

    Platforms: Linux Redhat 7.3,
                             Sun Solaris,
                             Microsoft Windows,
                             Netware 6.

    Solutions: Apply the appropriate patches from Novell.

    Vulnerability Description
    Multiple buffer overflows exist in the IMAPD service of Novell
    Netmail 3.0.3 resulting in a Denial Of Service. Subsequent attacks
    will result in a server reboot on Netware 6.0 SP 1.

    Netmail (NIMS) 3.0.3A Update for NetWare

    NetMail (NIMS) 3.0.3A Update for Linux

    NetMail (NIMS) 3.0.3A Update for Solaris

    NetMail 3.1a Update for NetWare

    NetMail 3.1a Update for Windows

    NetMail 3.1a Update for Linux

    NetMail 3.1a Update for Solaris

    NetMail XE 3.1a Update

    Additional Information
    Novell was contacted 20020701.

    This vulnerability was found by
    Patrik Karlsson & Jonas Lšndin

    The information transmitted is intended only for the person or entity to
    which it is addressed and may contain confidential and/or privileged
    material. Any review, retransmission, dissemination or other use of, or
    taking of any action in reliance upon, this information by persons or
    entities other than the intended recipient is prohibited. If you
    received this in error, please contact the sender and delete the material
    from any computer.