MERCUR imapd NTLMSSP

2007-04-03T00:00:00
ID SAINT:B28A5B619ADD380A846827329D40A683
Type saint
Reporter SAINT Corporation
Modified 2007-04-03T00:00:00

Description

Added: 04/03/2007
CVE: CVE-2007-1578
BID: 23058
OSVDB: 33545

Background

MERCUR Messaging Server is an e-mail server supporting the SMTP, POP3, and IMAP protocols for Windows platforms.

Problem

A buffer overflow vulnerability in MERCUR Messaging Server allows remote attackers to execute arbitrary commands by sending a specially crafted NTLM Type 3 message to the imapd service.

Resolution

Upgrade to MERCUR Messaging Server 5.0 SP5 or higher when available.

References

<http://secunia.com/advisories/24596>

Limitations

Exploit works on MERCUR Messaging Server 5.0 SP3 and SP4 on Windows 2000.

Platforms

Windows