|
| Atrium Mercur Mailserver IMAPD buffer overflow | | Published: |  | 22.03.2007 | | Source: |  | FULL-DISCLOSURE | | SecurityVulns ID: |  | 7446 | | Type: |  | remote | | Level: |  | 6/10 | | Description: |  | Multiple buffer overflows in IMAP NTLM authentication implementation. Buffer overflow in SUBSCRIBE command. |
| Affected: |  | ATRIUM : Mercur Mailserver 5.0 | | CVE: |  | CVE-2007-1579 (Stack-based buffer overflow in Atrium MERCUR IMAPD allows remote attackers to have an unknown impact via a certain SUBSCRIBE command.) | | | | CVE-2007-1578 (Multiple integer signedness errors in the NTLM implementation in Atrium MERCUR IMAPD (mcrimap4.exe) 5.00.14, with SP4, allow remote attackers to execute arbitrary code via a long NTLMSSP argument that triggers a stack-based buffer overflow.) | | | | CVE-2003-1322 (Multiple stack-based buffer overflows in Atrium MERCUR IMAPD in MERCUR Mailserver before 4.2.15.0 allow remote attackers to execute arbitrary code via a long (1) EXAMINE, (2) DELETE, (3) SUBSCRIBE, (4) RENAME, (5) UNSUBSCRIBE, (6) LIST, (7) LSUB, (8) STATUS, (9) LOGIN, (10) CREATE, or (11) SELECT command.) |
|
|
|
|
|
