CVE-2006-7038

Name of the Vulnerable Software and Affected Versions MERCUR Messaging 2005 versions prior to Service Pack 4

Description The issue is related to multiple buffer overflows that can cause a denial of service, resulting in a crash. This can be triggered by remote attackers through long command lines at port 32000 or certain name service queries that are not properly handled by the SMTP service.

Recommendations For MERCUR Messaging 2005 versions prior to Service Pack 4, apply Service Pack 4 to resolve the issue. As a temporary workaround, consider restricting access to port 32000 and limiting the handling of name service queries by the SMTP service until the patch is applied.