Novell NetMail 3.52
Existing version of NetMail 3.52 can be vulnerable to attack when the following buffers are overrun.
IMAPD subscribe Buffer
The vulnerability could allow remote execution of code on the server running NetMail.
Existing version of NetMail 3.52 can be also vulnerable to:
IMAP Denial of Service Issue.
This vulnerability is limited to a Dos only condition and requires authentication in order to exploit it.
This problem is resolved by applying NetMail 3.52e ftf 2
StatusReported to Engineering
Novell would like to thank Dennis Rand of CIRT.DK working with iDEFENSE (www.idefense.com) for reporting the following issues.
[IDEF1651] Novell NetMail IMAPD subscribe Buffer Overflow Vulnerability.
[IDEF1792] Novell Netmail IMAP Denial of Service Vulnerability