Mercur Mailserver/Messaging version <= 5.0 IMAP Overflow Vulnerability

Summary
The Mercur IMAP4 Service is running on the remote host. Description : A version of Mercur Mailserver or Messaging Server is installed on the remote host. It is a complete messaging solution including common functions like 'smtp/pop3/imap4-server'. The Mercur IMAP4 Service is vulnerable to buffer overflows by sending a special crafted 'login' command. An attacker can use this to crash the service, possible execute arbitrary code and gain some access privileges on the system.
Solution
Filter access to the IMAP4 Service, so that it can be used by trusted sources only.
References