FKIE_CVE-2007-2616

Vulnerability from fkie_nvd - Published: 2007-05-11 16:19 - Updated: 2025-04-09 00:30
Severity ?
Summary
Stack-based buffer overflow in the SSL version of the NMDMC.EXE service in Novell NetMail 3.52e FTF2 and probably earlier allows remote attackers to execute arbitrary code via a crafted request.
References
cve@mitre.orghttp://download.novell.com/Download?buildid=Ad2xk29hHTg~Patch
cve@mitre.orghttp://labs.idefense.com/intelligence/vulnerabilities/display.php?id=532
cve@mitre.orghttp://osvdb.org/35941
cve@mitre.orghttp://secunia.com/advisories/25204Patch, Vendor Advisory
cve@mitre.orghttp://www.securityfocus.com/bid/23916Patch
cve@mitre.orghttp://www.securitytracker.com/id?1018045
cve@mitre.orghttp://www.vupen.com/english/advisories/2007/1732
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/34221
af854a3a-2127-422b-91ae-364da2661108http://download.novell.com/Download?buildid=Ad2xk29hHTg~Patch
af854a3a-2127-422b-91ae-364da2661108http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=532
af854a3a-2127-422b-91ae-364da2661108http://osvdb.org/35941
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/25204Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/23916Patch
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id?1018045
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2007/1732
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/34221
Impacted products
Vendor Product Version
novell netmail 3.52
novell netmail 3.52a
novell netmail 3.52b
novell netmail 3.52c
novell netmail 3.52c1
novell netmail 3.52d
novell netmail 3.52e
novell netmail 3.52e
novell netmail 3.52e
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:novell:netmail:3.52:*:*:*:*:*:*:*",
              "matchCriteriaId": "C29DA27E-7392-4A63-A00B-77C74A53AA13",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:novell:netmail:3.52a:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE363E3B-D4C9-4D3D-B68B-EBFCFD0BA811",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:novell:netmail:3.52b:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0B2C678-9E49-42B7-82F0-6A9A3684AFBD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:novell:netmail:3.52c:*:*:*:*:*:*:*",
              "matchCriteriaId": "FBD5601B-6726-4AB2-A0FC-ADAFA4F984DF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:novell:netmail:3.52c1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F18E4EF3-A1F0-4461-861C-4C3D98EBF7DE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:novell:netmail:3.52d:*:*:*:*:*:*:*",
              "matchCriteriaId": "6760C499-934D-46ED-B304-EC4C69355E40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:novell:netmail:3.52e:*:*:*:*:*:*:*",
              "matchCriteriaId": "3763405C-3FE7-497A-86F1-4C7FD197CF03",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:novell:netmail:3.52e:ftf1:*:*:*:*:*:*",
              "matchCriteriaId": "1BF3DDA7-522C-4B67-94E1-A2B93C0C58F5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:novell:netmail:3.52e:ftf2:*:*:*:*:*:*",
              "matchCriteriaId": "F61C344D-3999-4275-BF96-7BE20D7A831F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Stack-based buffer overflow in the SSL version of the NMDMC.EXE service in Novell NetMail 3.52e FTF2 and probably earlier allows remote attackers to execute arbitrary code via a crafted request."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de b\u00fafer basado en pila en la versi\u00f3n SSL del servicio NMDMC.EXE en Novell NetMail 3.52e FTF2 y posiblemente anteriores permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de una respuesta manipulada."
    }
  ],
  "id": "CVE-2007-2616",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2007-05-11T16:19:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://download.novell.com/Download?buildid=Ad2xk29hHTg~"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=532"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://osvdb.org/35941"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/25204"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/23916"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id?1018045"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2007/1732"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34221"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://download.novell.com/Download?buildid=Ad2xk29hHTg~"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=532"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/35941"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/25204"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/23916"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1018045"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/1732"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34221"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.