33 matches found
EUVD-2006-0980
Malware in sbrugna...
Mercury Mail Transport System Buffer Overflow (CVE-2005-4411)
The Mercury Mail Transport System server is an implementation of an Internet mail server. The product offers services which are implementations of the server side of several protocols such as SMTP, POP3, IMAP and Computing and Communications Services Office Nameserver protocol also know as the...
Mercury Mail SMTP AUTH CRAM-MD5 buffer overflow
Added: 10/05/2007 CVE: CVE-2007-4440 BID: 25357 OSVDB: 39669 Background Mercury Mail Transport System is an e-mail server product for Windows and NetWare. Problem A buffer overflow vulnerability in the SMTP service allows remote attackers to execute arbitrary commands by sending a specially craft...
Mercury IMAP Server SEARCH Command Remote Buffer Overflow
The remote host is running the Mercury Mail Transport System, a free suite of server products for Windows and NetWare associated with Pegasus Mail. The remote installation of Mercury Mail includes an IMAP server that is affected by a buffer overflow vulnerability. Using a specially- crafted SEARC...
Preemptive Protection against Mercury Mail Transport System SMTP AUTH CRAM-MD5 Buffer Overflow Vulnerability
A buffer overflow vulnerability has been reported in Mercury Mail Transport System. Mercury Mail Transport System is a free mail server program that supports various email access and exchange protocols, including the Simple Mail Transfer Protocol SMTP. A remote attacker can exploit this issue to...
CVE-2007-4440
Stack-based buffer overflow in the MercuryS SMTP server in Mercury Mail Transport System, possibly 4.51 and earlier, allows remote attackers to execute arbitrary code via a long AUTH CRAM-MD5 string. NOTE: this might overlap CVE-2006-5961...
Stack overflow
Stack-based buffer overflow in the MercuryS SMTP server in Mercury Mail Transport System, possibly 4.51 and earlier, allows remote attackers to execute arbitrary code via a long AUTH CRAM-MD5 string. NOTE: this might overlap CVE-2006-5961...
[Full-disclosure] Mercury SMTPD Remote Preauth Stack Based Overrun
Mercury Mail Transport System Remote Stack Based Overflow Overview Mercury Mail Transport System: Mercury is a free, standards-based mail server solution, providing comprehensive, fast server support for all major Internet e- mail protocols. It is supplied in two versions, one hosted on Windows...
Mercury Mail Transport System AUTH CRAM-MD5远程栈溢出漏洞
BUGTRAQ ID: 25357 Mercury Mail Transport System是一款综合的Internet邮件服务器系统。 Mercury Mail Transport System的SMTP服务器没有正确地处理超长的AUTH CRAM-MD5字符串,远程攻击者可能利用此漏洞控制服务器。 如果用户向服务器提交了恶意的认证请求的话,就可能触发栈溢出,导致完全入侵服务器系统。 Pegasus Mail Mercury Mail Transport System 4.51 Pegasus Mail Mercury Mail Transport System 4.01b...
mercury-poc.txt
If there are images in this attachment, they will not be displayed. Download the original attachment Mercury Mail Transport System Remote Stack Based Overflow Overview Mercury Mail Transport System: Mercury is a free, standards-based mail server solution, providing comprehensive, fast server...
Mercury SMTPD Remote Preauth Stack Based Overrun PoC
No description provided by source. If there are images in this attachment, they will not be displayed. Download the original attachment Mercury Mail Transport System Remote Stack Based Overflow Overview Mercury Mail Transport System: Mercury is a free, standards-based mail server solution,...
Mercury Mail Transport System AUTH CRAM-MD5 Buffer Overflow Vulnerability
Description Mercury Mail Transport System is prone to a remote stack-based buffer-overflow vulnerability because it fails to perform adequate boundary checks when handling AUTH CRAM-MD5 requests. Attackers can exploit this issue to execute arbitrary code with the privileges of the user running th...
Mercury32 Mail SMTPD - Remote Stack Overrun (PoC)
Mercury32 Mail SMTPD - Remote Stack Overrun PoC If there are images in this attachment, they will not be displayed. Download the original attachment Mercury Mail Transport System Remote Stack Based Overflow Overview Mercury Mail Transport System: Mercury is a free, standards-based mail server...
Mercury/32 Mail SMTPD - Remote Stack Overrun (PoC)
If there are images in this attachment, they will not be displayed. Download the original attachment Mercury Mail Transport System Remote Stack Based Overflow Overview Mercury Mail Transport System: Mercury is a free, standards-based mail server solution, providing comprehensive, fast server...
Mercury IMAP data continuation buffer overflow
Added: 03/22/2007 CVE: CVE-2007-1373 OSVDB: 33883 Background Mercury Mail Transport System is an e-mail server product for Windows and NetWare. Problem A buffer overflow vulnerability in the Mercury IMAP service when processing data continuation specifiers allows remote attackers to execute...
Mercury IMAP data continuation buffer overflow
Added: 03/22/2007 CVE: CVE-2007-1373 OSVDB: 33883 Background Mercury Mail Transport System is an e-mail server product for Windows and NetWare. Problem A buffer overflow vulnerability in the Mercury IMAP service when processing data continuation specifiers allows remote attackers to execute...
Mercury IMAP data continuation buffer overflow
Added: 03/22/2007 CVE: CVE-2007-1373 OSVDB: 33883 Background Mercury Mail Transport System is an e-mail server product for Windows and NetWare. Problem A buffer overflow vulnerability in the Mercury IMAP service when processing data continuation specifiers allows remote attackers to execute...
CVE-2007-1373
Stack-based buffer overflow in Mercury/32 aka Mercury Mail Transport System 4.01b and earlier allows remote attackers to execute arbitrary code via a long LOGIN command. NOTE: this might be the same issue as CVE-2006-5961...
CVE-2007-1373
CVE-2007-1373 concerns a stack-based buffer overflow in Mercury/32 (Mercury Mail Transport System) up to version 4.01b, exploitable via a specially crafted LOGIN command in the IMAPD. The vulnerability permits remote code execution and is accessible over the network with no authentication require...
CVE-2006-5961
Buffer overflow in Mercury Mail Transport System 4.01b for Windows has unknown impact and attack vectors, as originally reported in a GLEG VulnDisco pack. NOTE: the provenance of this information is unknown; the details are obtained from third party information. The original researcher is reliabl...