Environment
Novell NetMail 3.5.2
Situation
A security vulnerability has been reported which could
potentially allow attackers to execute arbitrary code on vulnerable
installations of Novell Netmail 3.5.2.
Reported as ZDI-07-072 (& CVE-2007-6302), this
vulnerability was discovered by Tenable Network Security working
with TippingPoint and the Zero Day Initiative (http://www.zerodayinitiative.com).
Resolution
Since the vulnerability was reported, Novell has transferred ownership of NetMail to Messaging Architects, and they have addressed this vulnerability in in the NetMail 3.5.2F update, which is available to download from this location: