IMAP.Commands.Buffer.Overflow
Description
This indicates a possible attempt to exploit one of several stack based buffer overflow vulnerabilities in the Mercury IMAP server.
The buffer overflows can be triggered by using overly long arguments with the EXAMINE, SUBSCRIBE, STATUS, APPEND, CHECK, CLOSE, EXPUNGE, FETCH, RENAME, DELETE, LIST, SEARCH, CREATE or UNSUBSCRIBE commands. The vulnerabilities are caused by the application's lack of proper bounds checking on user supplied input, before copying it to a fixed size memory buffer. These vulnerabilities may allow remote authenticated users to cause a denial of service and possibly execute arbitrary code.
Affected Products
David Harris Mercury (win32 version) 4.0 1 and 4.0 1a.
Impact
System compromise: execution of arbitrary code on the system.
Recommended Actions
Upgrade to Mercury 4.0 1b or later.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |