Buffer overflow vulnerability in Novell’s NetMail
A vulnerability in the groupware solution Novell NetMail allows unauthenticated remote attackers to cause a buffer overflow in the groupware solution and execute arbitrary code with the privileges of the service. According to an advisory by security service provider iDefense, the infiltrated code will be executed with service privileges, mostly those of the NetMailService account.
Writing signatures for intrusion detection or intrusion prevention systems is further complicated due to the fact that this bug resides in the SSL variant, where data traffic is encrypted. The SSL version of the nmdmc.exe file does not perform sufficient input validation prior to copying this input into a fixed size buffer.
This vulnerability affects version 3.52e_FTF2 of Novell’s NetMail; older versions may also be vulnerable. Novell has released a beta version 3.52f, where this bug has been eliminated. Users who cannot or do not want to install this beta version, are advised to employ a firewall to restrict access to the service to trusted computers.
- Novell NetMail NMDMC Buffer Overflow Vulnerability, advisory by iDefense
- Download of the patched beta version of NetMail 3.52f