CVE-2006-7038

Description

Multiple buffer overflows in MERCUR Messaging 2005 before Service Pack 4 allow remote attackers to cause a denial of service (crash) via (1) "long command lines at port 32000" and (2) certain name service queries that are not properly handled by the SMTP service.

Affected products

• atrium_software / mercur_messaging_20055.0_sp3 – 5.0_sp3
• atrium_software / mercur_messaging_20055.0_sp3 – 5.0_sp3
• atrium_software / mercur_messaging_20055.0_sp3 – 5.0_sp3

References

• MISChttp://www.securityfocus.com/bid/18462
• VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2006/2354
• VENDOR_ADVISORYhttp://secunia.com/advisories/20432
• MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/27231
• MISChttp://www.atrium-software.com/download/McrReadMe_EN.html