CVE-2006-1255

Name of the Vulnerable Software and Affected Versions Mercur Messaging versions 5.0 SP3 and earlier

Description The issue is related to a stack-based buffer overflow in the IMAP service, which can be triggered by sending a long string to specific commands. This can cause a denial of service, resulting in an application crash, and potentially allow the execution of arbitrary code. The vulnerable commands include the "LOGIN" and "SELECT" commands.

Recommendations For Mercur Messaging versions 5.0 SP3 and earlier, consider restricting access to the IMAP service until a fix is available. As a temporary workaround, limit the length of input strings to the "LOGIN" and "SELECT" commands to prevent buffer overflow. At the moment, there is no information about a newer version that contains a fix for this vulnerability.