CVE-2005-3314

Novell Netmail 3.5.2 - Remote Code Execution via IMAP Daemon Long Verb Arguments

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2005-3314. PoCs published by Metasploit, MC, including Metasploit module exploits/windows/imap/novell_netmail_status.

AI-analyzed exploit summary This is a Metasploit module exploiting a stack buffer overflow in Novell NetMail's IMAP STATUS command. It sends an overly long string to overwrite the buffer and control execution, targeting Windows 2000 SP0-SP4.

Description

Stack-based buffer overflow in the IMAP daemon in Novell Netmail 3.5.2 allows remote attackers to execute arbitrary code via "long verb arguments."

Exploits (2)

exploitdb WORKING POC VERIFIED

by Metasploit · rubyremotewindows

https://www.exploit-db.com/exploits/16483

View Code ZIP pw:eip

This is a Metasploit module exploiting a stack buffer overflow in Novell NetMail's IMAP STATUS command. It sends an overly long string to overwrite the buffer and control execution, targeting Windows 2000 SP0-SP4.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Novell NetMail <= 3.52d

Auth required

Prerequisites: Network access to vulnerable IMAP service · Valid credentials for authentication

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1068 - Exploitation for Privilege Escalation

devstral-2 · analyzed Feb 16, 2026 Full analysis →

metasploit WORKING POC NORMAL

by MC · rubypocwin

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/imap/novell_netmail_status.rb

View Code ZIP pw:eip

This Metasploit module exploits a stack buffer overflow in Novell NetMail 3.52 via the IMAP STATUS command. It sends a crafted payload to overwrite the buffer and control execution flow, targeting Windows 2000 SP0-SP4.