[NEWS] Multiple Buffer Overflow Found in Novell Netmail
From: support@securiteam.comDate: 07/17/02
- Previous message: support@securiteam.com: "[NEWS] Multiple Buffer Overflow Found in Novell Netmail IMAP Service"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: support@securiteam.com To: list@securiteam.com Date: Wed, 17 Jul 2002 08:08:56 +0200 (CEST)
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com
- - promotion
When was the last time you checked your server's security?
How about a monthly report?
http://www.AutomatedScanning.com - Know that you're safe.
- - - - - - - - -
Multiple Buffer Overflow Found in Novell Netmail
------------------------------------------------------------------------
SUMMARY
An exploitable buffer overflow condition exists in the Netmail web
interface. It is possible for an attacker to attain remote root access on
Linux and possibly other platforms. There is another buffer overflow
condition in the webadmin interface running on port 81, which however is
not active on a default installation.
DETAILS
Vulnerable systems:
* Novell Netmail version 3.0.3
* Novell Netmail version 3.1
* Novell Netmail XE version 3.1
Solutions:
Netmail (NIMS) 3.0.3b Update for NetWare
<http://support.novell.com/servlet/tidfinder/2963002>
http://support.novell.com/servlet/tidfinder/2963002
Netmail (NIMS) 3.0.3b Update for Linux
<http://support.novell.com/servlet/tidfinder/2963004>
http://support.novell.com/servlet/tidfinder/2963004
Netmail (NIMS) 3.0.3b Update for Solaris
<http://support.novell.com/servlet/tidfinder/2963004>
http://support.novell.com/servlet/tidfinder/2963004
Netmail 3.1b Update for NetWare
<http://support.novell.com/servlet/tidfinder/2963005>
http://support.novell.com/servlet/tidfinder/2963005
Netmail 3.1b Update for Windows
<http://support.novell.com/servlet/tidfinder/2963006>
http://support.novell.com/servlet/tidfinder/2963006
Netmail 3.1b Update for Linux
<http://support.novell.com/servlet/tidfinder/2963007>
http://support.novell.com/servlet/tidfinder/2963007
Netmail 3.1b Update for Solaris
<http://support.novell.com/servlet/tidfinder/2963008>
http://support.novell.com/servlet/tidfinder/2963008
Netmail XE 3.1b Update
<http://support.novell.com/servlet/tidfinder/2963009>
http://support.novell.com/servlet/tidfinder/2963009
ADDITIONAL INFORMATION
The information has been provided by
<mailto:patrik.karlsson@se.pwcglobal.com> Patrik Karlsson and Jonas
Ländin.
========================================
This bulletin is sent to members of the SecuriTeam mailing list.
To unsubscribe from the list, send mail with an empty subject line and body to: list-unsubscribe@securiteam.com
In order to subscribe to the mailing list, simply forward this email to: list-subscribe@securiteam.com
====================
====================
DISCLAIMER:
The information in this bulletin is provided "AS IS" without warranty of any kind.
In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages.
- Previous message: support@securiteam.com: "[NEWS] Multiple Buffer Overflow Found in Novell Netmail IMAP Service"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
