MERCUR Mailserver SMTP / IMAP / POP3 Servers Remote Overflows
Critical Nessus Plugin ID 11910
SynopsisThe remote mail server is prone to a buffer overflow attack.
DescriptionThe remote Atrium MERCUR SMTP server (mail server) seems to be vulnerable to a remote buffer overflow. Successful exploitation of this vulnerability would give a remote attacker administrative access to the mail server and access to potentially confidential data.
The IMAP and POP3 servers are affected by similar issues involving the AUTHENTICATE and AUTH commands respectively.
SolutionUpgrade to MERCUR Mailserver 4.2 SP3a or later.