Intrusion Prevention

IMAP.Subscribe.Command.Buffer.Overflow

Description

This indicates an attack attempt against a stack-based buffer-overflow vulnerability in Atrium MERCUR IMAPD.
The vulnerability is due to the software's inability to properly check the bounds of user-supplied input. A remote attacker could execute arbitrary code on the system by sending a crafted Subscribe request to the service.

Affected Products

Atrium MERCUR Messaging 2005 SP4 and prior

Impact

System compromise

Recommended Actions

Currently we are not aware of any officially supplied fix for this issue.

CVE References

CVE-2007-1579