Reported June
24, 2003, by NC Agent.
VERSIONS
AFFECTED
Atrium Software MERCUR
Mail Server 4.02.09
DESCRIPTION
VENDOR
RESPONSE
CREDIT
· Multiple buffer-overflow vulnerabilities in Atrium Software MERCUR Mail Server 4.02.09 can result in the execution of arbitrary code on the vulnerable computer. If an attacker uses the EXAMINE, DELETE, SUBSCRIBE, RENAME, UNSUBSCRIBE, LIST, LSUB, STATUS, LOGIN, CREATE, or SELECT command to send a large amount of data, a buffer will overflow and cause the server to crash.
Atrium Software International has released version 4.2.15.0, which doesn't contain these vulnerabilities.
Discovered by
NC Agent.
Multiple Buffer Overflows in Atrium Software Mercur Mail Server
0 comments
Hide comments