Signature Detail
This site is deprecated. Please CLICK HERE for latest updates
Short Name |
IMAP:OVERFLOW:MAILBOX |
|---|---|
Severity |
Major |
Recommended |
Yes |
Recommended Action |
Drop |
Category |
IMAP |
Keywords |
Mailbox Name Buffer Overflow |
Release Date |
2003/04/22 |
Update Number |
1213 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
IMAP: Mailbox Name Buffer Overflow
This protocol anomaly triggers when it detects an IMAP mailbox name that is too long. This can indicate a buffer overflow attempt.
Extended Description
Mercur IMAP is prone to a stack-based buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied data before copying it to an insufficiently sized memory buffer. Currently, few technical details are available. This BID will be updated as more information becomes available. This issue may be related to BID 7842 (Atrium Software Mercur Mailserver IMAP Remote Buffer Overflow Vulnerability). An attacker may exploit this issue to execute arbitrary machine code in the context of the user running the application. Failed exploit attempts will likely result in denial-of-service conditions.
Affected Products
- Atrium_software mercur_imap
- Atrium_software mercur_messaging_2005 Service Pack 4
- Atrium_software mercur_messaging_2005_enterprise_edition 5.0 SP3
- Atrium_software mercur_messaging_2005_lite_edition 5.0 SP3
- Atrium_software mercur_messaging_2005_standard_edition 5.0 SP3
References
- BugTraq: 23050
- BugTraq: 14315
- BugTraq: 17138
- CVE: CVE-2005-3691
- CVE: CVE-2006-6290
- CVE: CVE-2005-0707
- CVE: CVE-2006-1255
- URL: http://www.faqs.org/rfcs/rfc2060.html