CVE-2003-1322

Multiple stack-based buffer overflows in Atrium MERCUR IMAPD in MERCUR Mailserver before 4.2.15.0 allow remote attackers to execute arbitrary code via a long 1 EXAMINE, 2 DELETE, 3 SUBSCRIBE, 4 RENAME, 5 UNSUBSCRIBE, 6 LIST, 7 LSUB, 8 STATUS, 9 LOGIN, 10 CREATE, or 11 SELECT command...

Re: another WU imapd buffer overflow

Hi again, imapd seems to be very weak. I've found another three buffer overruns. This time affected commands are LSUB, RENAME and FIND: OK mail IMAP4rev1 v12.264 server ready login siva9 secret OK LOGIN completed lsub "" AAAAAAAAAAAAA.... A 1024 - 8179 SIGSEGV received. OK localhost IMAP4rev1...