Mercury Mail IMAP DELETE command buffer overflow

2006-09-18T00:00:00
ID SAINT:007274958F744CE4343BFBF37053357B
Type saint
Reporter SAINT Corporation
Modified 2006-09-18T00:00:00

Description

Added: 09/18/2006
CVE: CVE-2004-1211
BID: 11775
OSVDB: 12508

Background

Mercury Mail Transport System is an e-mail server product for Windows and NetWare.

Problem

Buffer overflow vulnerabilities in the IMAP service allow authenticated attackers to execute arbitrary commands using long arguments to several different IMAP commands.

Resolution

Upgrade to Mercury Mail 4.01b or higher, or apply the patch for Mercury Mail 4.01a.

References

<http://archives.neohapsis.com/archives/fulldisclosure/2004-12/0028.html>

Limitations

Exploit works on Mercury Mail Transport System 4.01a and requires a valid IMAP login and password.

Platforms

Windows NT 4.0 SP3
Windows NT 4.0 SP4
Windows NT 4.0 SP5
Windows NT 4.0 SP6 / Windows NT 4.0
Windows 2000 SP0
Windows 2000 SP1
Windows 2000 SP2
Windows 2000 SP3
Windows 2000 SP4 / Windows 2000
Windows XP SP0
Windows XP SP1
Windows XP SP2 / Windows XP
Windows Server 2003