Vulnerability Description
Multiple buffer overflows in MERCUR Messaging 2005 before Service Pack 4 allow remote attackers to cause a denial of service (crash) via (1) "long command lines at port 32000" and (2) certain name service queries that are not properly handled by the SMTP service.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Atrium Software | Mercur Messaging 2005 | 5.0_sp3 |
References
- http://secunia.com/advisories/20432PatchVendor Advisory
- http://www.atrium-software.com/download/McrReadMe_EN.html
- http://www.securityfocus.com/bid/18462Patch
- http://www.vupen.com/english/advisories/2006/2354
- https://exchange.xforce.ibmcloud.com/vulnerabilities/27231
- http://secunia.com/advisories/20432PatchVendor Advisory
- http://www.atrium-software.com/download/McrReadMe_EN.html
- http://www.securityfocus.com/bid/18462Patch
- http://www.vupen.com/english/advisories/2006/2354
- https://exchange.xforce.ibmcloud.com/vulnerabilities/27231
FAQ
What is CVE-2006-7038?
CVE-2006-7038 is a vulnerability with a CVSS score of 7.8 (HIGH). Multiple buffer overflows in MERCUR Messaging 2005 before Service Pack 4 allow remote attackers to cause a denial of service (crash) via (1) "long command lines at port 32000" and (2) certain name ser...
How severe is CVE-2006-7038?
CVE-2006-7038 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2006-7038?
Check the references section above for vendor advisories and patch information. Affected products include: Atrium Software Mercur Messaging 2005.