SAINT Corporation, SAINT:69FADF0F52FB9DD1A06043BB29CB1256
Apr 03, 2007 - 12:00 a.m.

MERCUR imapd NTLMSSP

download.saintcorporation.com

EPSS: 0.608 (Medium), percentile 97.8%

Added: 04/03/2007
CVE: CVE-2007-1578
BID: 23058
OSVDB: 33545

Background

[MERCUR Messaging Server](<http://www.atrium-software.com/index.php?content=mercur>) is an e-mail server supporting the SMTP, POP3, and IMAP protocols for Windows platforms.

Problem

A buffer overflow vulnerability in MERCUR Messaging Server allows remote attackers to execute arbitrary commands by sending a specially crafted NTLM Type 3 message to the imapd service.

Resolution

Upgrade to MERCUR Messaging Server 5.0 SP5 or higher when available.

References

<http://secunia.com/advisories/24596>

Limitations

Exploit works on MERCUR Messaging Server 5.0 SP3 and SP4 on Windows 2000.

Platforms

Windows
