CVE-2003-1177 - Remote Buffer Overflow vulnerability in Atrium Software Mercur Mailserver IMAP AUTH

CVSS 7.5 - HIGH
Attack vector: NETWORK
Attack complexity: LOW
Privileges required: NONE
Confidentiality impact: PARTIAL
Integrity impact: PARTIAL
Availability impact: PARTIAL
Tags: network, low complexity, atrium-software, nessus, exploit available

Summary

Buffer overflow in the base64 decoder in MERCUR Mailserver 4.2 before SP3a allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long (1) AUTH command to the POP3 server or (2) AUTHENTICATE command to the IMAP server.

Exploit-Db

description: Atrium Software Mercur Mailserver 3.3/4.0/4.2 IMAP AUTH Remote Buffer Overflow Vulnerability. CVE-2003-1177. DoS exploit for Windows platform
id: EDB-ID:23267
last seen: 2016-02-02
modified: 2003-10-20
published: 2003-10-20
reporter: Kostya KORTCHINSKY
source: https://www.exploit-db.com/download/23267/
title: Atrium Software Mercur Mailserver 3.3/4.0/4.2 IMAP AUTH Remote Buffer Overflow Vulnerability

Nessus

NASL family: Windows
NASL id: MERCUR_AUTH_OVERFLOW.NASL
description: The remote Atrium MERCUR SMTP server (mail server) seems to be vulnerable to a remote buffer overflow. Successful exploitation of this vulnerability would give a remote attacker administrative access to the mail server and access to potentially confidential data. The IMAP and POP3 servers are affected by similar issues involving the AUTHENTICATE and AUTH commands respectively.
last seen: 2020-06-01
modified: 2020-06-02
plugin id: 11910
published: 2003-10-27
reporter: This script is Copyright (C) 2003-2018 Tenable Network Security, Inc.
source: https://www.tenable.com/plugins/nessus/11910
title: MERCUR Mailserver SMTP / IMAP / POP3 Servers Remote Overflows