PT-2004-2159 · Mercury · Mercury/32

Johnh +2 · Published 2004-12-15 · Updated 2017-07-11 · CVE-2004-1211

CVSS v2.0: 10 (High)
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions: Mercury/32 version 4.01a
Description: Multiple buffer overflows in the IMAP service can be exploited by remote authenticated users. Exploitation can crash the application (denial of service) and potentially allow the execution of arbitrary code. The overflows are triggered by long arguments to various IMAP commands, including EXAMINE, SUBSCRIBE, STATUS, APPEND, CHECK, CLOSE, EXPUNGE, FETCH, RENAME, DELETE, LIST, SEARCH, CREATE, and UNSUBSCRIBE.
Recommendations: For Mercury/32 version 4.01a, consider updating to a newer version that addresses the buffer overflow issues in the IMAP service. As a temporary workaround, restrict access to the IMAP service or limit the length of arguments that can be passed to the affected commands.
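
The argument-length workaround above can be enforced in an IMAP-aware proxy or checked against logged client commands. The following Python check is an added example, not part of the advisory or of Mercury/32; the 255-byte limit, the function names and the sample lines are assumptions constructed for illustration.

```python
import re

# Commands the advisory names as affected by long arguments.
AFFECTED = {"EXAMINE", "SUBSCRIBE", "STATUS", "APPEND", "CHECK", "CLOSE",
            "EXPUNGE", "FETCH", "RENAME", "DELETE", "LIST", "SEARCH",
            "CREATE", "UNSUBSCRIBE"}
MAX_ARG_LEN = 255  # assumed policy limit; the advisory gives no threshold

ARG_RE = re.compile(r'"(?:\\.|[^"\\])*"|\S+')   # quoted string or bare token
LITERAL_RE = re.compile(r'^\{(\d+)\+?\}$')      # literal announcement, e.g. {1024}

def check_line(line, max_len=MAX_ARG_LEN):
    """Return (command, longest_arg) if the client line should be rejected, else None."""
    parts = line.rstrip("\r\n").split(" ", 2)
    # "UID FETCH ..." carries the real command one token later.
    if len(parts) == 3 and parts[1].upper() == "UID":
        parts = [parts[0]] + parts[2].split(" ", 1)
    if len(parts) < 2 or parts[1].upper() not in AFFECTED:
        return None
    command = parts[1].upper()
    args = ARG_RE.findall(parts[2]) if len(parts) == 3 else []
    # APPEND's final literal is the message body, which is legitimately large.
    if command == "APPEND" and args and LITERAL_RE.match(args[-1]):
        args = args[:-1]
    longest = 0
    for arg in args:
        m = LITERAL_RE.match(arg)
        # A literal's data arrives on later lines, so use its announced size.
        longest = max(longest, int(m.group(1)) if m else len(arg))
    return (command, longest) if longest > max_len else None

# Constructed sample client lines (not captured traffic).
SAMPLE = [
    'a001 SELECT INBOX',
    'a002 LIST "" "*"',
    'a003 CREATE ' + 'A' * 600,
    'a004 APPEND Sent (\\Seen) {48213}',
    'a005 RENAME old {4096}',
    'a006 append "' + 'B' * 300 + '" {120}',
]

def flagged(lines=SAMPLE):
    """Return (tag, command, longest_arg) for every line that exceeds the limit."""
    return [(l.split(" ", 1)[0], *r) for l in lines if (r := check_line(l))]

if __name__ == "__main__":
    for tag, cmd, size in flagged():
        print(f"reject tag={tag} command={cmd} longest_arg={size}")
```

A proxy applying this check has to reject the command before sending the continuation response for a literal, otherwise the oversized data still reaches the server.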

Exploit

Fix

Buffer Overflow

Weakness Enumeration

Related Identifiers

CVE-2004-1211

Affected Products

Mercury/32