CVE-2007-1578

Atrium MERCUR IMAPD 5.00.14 SP4 - Remote Code Execution via NTLMSSP Argument

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-1578. PoCs published by mu-b.

AI-analyzed exploit summary This exploit targets a buffer overflow vulnerability in Mercur IMAP server v5.00.14 (win32) via the NTLM authentication mechanism. It sends a crafted NTLMSSP payload to trigger the overflow, potentially leading to remote code execution.

Description

Multiple integer signedness errors in the NTLM implementation in Atrium MERCUR IMAPD (mcrimap4.exe) 5.00.14, with SP4, allow remote attackers to execute arbitrary code via a long NTLMSSP argument that triggers a stack-based buffer overflow.

Exploits (1)

exploitdb WORKING POC VERIFIED

by mu-b · perldoswindows_x86

https://www.exploit-db.com/exploits/3527

View Code ZIP pw:eip

This exploit targets a buffer overflow vulnerability in Mercur IMAP server v5.00.14 (win32) via the NTLM authentication mechanism. It sends a crafted NTLMSSP payload to trigger the overflow, potentially leading to remote code execution.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Mercur IMAP Server v5.00.14 (win32)

No auth needed

Prerequisites: Network access to the target IMAP server (port 143)

MITRE ATT&CK