Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-1255

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2006-1255
Last Modified 07 Mar 2011 09:32:34
Published 18 Mar 2006 08:02:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-1255

Summary

Stack-based buffer overflow in the IMAP service in Mercur Messaging 5.0 SP3 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long string to the (1) LOGIN or (2) SELECT command, a different set of attack vectors and possibly a different vulnerability than CVE-2003-1177.

Vulnerable Systems

Application

  • Mercur Messaging 2005 5.0 Sp3


References

XF - mercur-imap-bo(25290)

VUPEN - ADV-2006-0977

BID - 17138

OSVDB - 23950

SECUNIA - 19267

FULLDISC - 20060316 Re: Mercur IMAPD 5.0 SP3 DoS Exploit or more?

FULLDISC - 20060316 Mercur IMAPD 5.0 SP3 DoS Exploit or more?


Last Updated: 27 May 2016 10:42:34