Vulnerability Note VU#944273

Novell NetMail IMAP vulnerable to DoS when processing "APPEND" commands

Original Release date: 17 Jan 2007 | Last revised: 23 Jan 2007


A vulnerability in the way Novell Netmail handles IMAP APPEND commands may allow a denial of service.


Novell Netmail's IMAP server contains a buffer overflow that may occur when processing parameters supplied to the APPEND command. An attacker must login to an affected system in order to take advantage of this vulnerability.


A remote, authenticated attacker may be able to cause a denial-of-service condition.



Novell has released an update to address this issue. See Novell document 3717068 for more details.

Systems Affected (Learn More)

VendorStatusDate NotifiedDate Updated
Novell, Inc.Affected-15 Jan 2007
If you are a vendor and your product is affected, let us know.

CVSS Metrics (Learn More)

Group Score Vector
Base N/A N/A
Temporal N/A N/A
Environmental N/A N/A



This issue is addressed in Novell document 3717068. Novell credits Dennis Rand of CIRT.DK working with iDEFENSE for reporting this issue.

This document was written by Chris Taschner.

Other Information

  • CVE IDs: CVE-2006-6762
  • Date Public: 23 Dec 2006
  • Date First Published: 17 Jan 2007
  • Date Last Updated: 23 Jan 2007
  • Severity Metric: 2.19
  • Document Revision: 12


If you have feedback, comments, or additional information about this vulnerability, please send us email.