Re: Mercury for NetWare POP3 server vulnerable to remote buffer overflow

• Previous message: Toni Lassila: "Re: XML scripting in IE, Outlook Express"
• In reply to: Przemyslaw Frasunek: "Mercury for NetWare POP3 server vulnerable to remote buffer overflow"
• Next in thread: Atro Tossavainen: "Re: Mercury for NetWare POP3 server vulnerable to remote buffer overflow"
• Next in thread: Adam Osuchowski: "Re: Mercury for NetWare POP3 server vulnerable to remote buffer overflow"
• Reply: Atro Tossavainen: "Re: Mercury for NetWare POP3 server vulnerable to remote buffer overflow"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Sat, Apr 21, 2001 at 10:52:15AM +0200, Przemyslaw Frasunek wrote:
> All versions of widely-used POP3 server from Mercury MTA package for Netware
> are vulnerable to remote buffer overflow allowing to crash Netware server:

Actually, problem was fixed in Mercury 1.48, but no advisory was issued
and older versions are still in wide use. All Mercury-based servers
should be immediately updated.

--
* Fido: 2:480/124 ** WWW: http://www.frasunek.com/ ** NIC-HDL: PMF9-RIPE *
* Inet: przemyslawat_private ** PGP: D48684904685DF43EA93AFA13BE170BF *

• Next message: Roger Fajman: "Re: Lucent security contact"
• Previous message: Toni Lassila: "Re: XML scripting in IE, Outlook Express"
• In reply to: Przemyslaw Frasunek: "Mercury for NetWare POP3 server vulnerable to remote buffer overflow"
• Next in thread: Atro Tossavainen: "Re: Mercury for NetWare POP3 server vulnerable to remote buffer overflow"
• Next in thread: Adam Osuchowski: "Re: Mercury for NetWare POP3 server vulnerable to remote buffer overflow"
• Reply: Atro Tossavainen: "Re: Mercury for NetWare POP3 server vulnerable to remote buffer overflow"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Mon Apr 23 2001 - 00:23:37 PDT