|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
[sec-adv] Mercur Mail Server IMAP Buffer Overflow
From: Secunia Security Advisories (sec-adv
secunia.com)
Date: Mon Jun 09 2003 - 06:11:48 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
TITLE:
Mercur Mail Server IMAP Buffer Overflow
READ ONLINE:
http://www.secunia.com/advisories/8966/
CRITICAL:
Highly critical
IMPACT:
DoS
WHERE:
From remote
SOFTWARE:
Mercur Mail Server 4.x
DESCRIPTION:
A vulnerability has been identified in Mercur Mail Server possibly
allowing execution of arbitrary code.
The problem is within the IMAP service, by sending a long string to
any command including "LOGIN" a buffer overflow may be caused. This
allows malicious people to crash the service or possibly execute
arbitrary code on the system.
This has been reported to affect version 4.2.14.0 and prior.
SOLUTION:
Version 4.2.15.0 is not vulnerable.
REPORTED BY / CREDITS:
Dennis Rand
ORIGINAL ADVISORY:
http://www.infowarfare.dk/Advisories/iw-18-advisory.txt
----------------------------------------------------------------------
Secunia recommends that you verify all advisories you receive, by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
Contact details:
Web : http://www.secunia.com/
E-mail : supportsecunia.com
Tel : +44 (0) 20 7016 2693
Fax : +44 (0) 20 7637 0419
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
----------------------------------------------------------------------
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]