>> Novell NetMail IMAP and Modweb Agents Multiple Vulnerabilities
Title : Novell NetMail IMAP and Modweb Agents Multiple Vulnerabilities VUPEN ID : VUPEN/ADV-2005-0727 CVE ID : CVE-2005-1756 - CVE-2005-1757 - CVE-2005-1758 CWE ID : CWE-
Rated as : Moderate Risk
Remotely Exploitable : Yes Locally Exploitable : Yes Release Date : 2005-06-10
Technical Description
Multiple vulnerabilities were identified in Novell NetMail, which may be exploited by malicious users to conduct denial of service and cross site scripting attacks. The first flaw is due to a buffer overflow error in the IMAP command continuation function and the handling of long command tags. The second vulnerability is due to an input validation error in the Modweb agent, which may be exploited by attackers to cause arbitrary scripting code to be executed by the user's browser. The third issue occurs in the Modweb agent when decoding headers, which may be exploited by attackers to cause a denial of service. The fourth vulnerability is due to a buffer overrun error in the Modweb agent when renaming folders.
Subscribe to VUPEN VNS and receive real-time e-mail and SMS alerts when new advisories or patches relevant to your systems and network configurations are available.
Feedback If you have additional information or corrections for this security advisory please submit them via our contact form.
