8 matches found
Mercur Messaging 2005 IMAP Login Buffer Overflow
No description provided by source. $Id: mercurlogin.rb 10150 2010-08-25 20:55:37Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
Mercur Messaging 2005 IMAP Login Buffer Overflow
$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'Mercur...
Atrium Mercur IMap Subscribe请求远程栈溢出漏洞
Mercur是Atrium Software推出的系列邮件服务器产品。 Mercur的NTLM认证机制实现上存在漏洞,远程攻击者可能利用此漏洞控制服务器或导致服务崩溃。 Mercur的IMAPD在实现NTLM的代码中盲目使用用户提供的长度数据作为memcpy调用的参数,远程攻击者可能利用此问题触发一个栈溢出,导致拒绝服务或执行任意指令。 Atrium Software Mercur v5.00.14 win32 目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本: http://www.atrium-software.com/...
mercur-imap.txt
!/bin/perl tested on win2k server SP4 English ATTENTION! If you have an another valid account you must change the offsets this is only a poc use IO::Socket::INET; my $host = shift@ARGV; my $port = 143; my $reply; my $request; my $user = "test"; my $pass = "test"; my $nop = "\x90"x8; my $nop1 =...
Mercur Messaging 2005 IMAP Login Buffer Overflow
This module exploits a stack buffer overflow in Atrium Mercur IMAP 5.0 SP3. Since the room for shellcode is small, using the reverse ordinal payloads yields the best results. This module requires Metasploit: https://metasploit.com/download Current source:...
Immunity Canvas: VSPLOIT_MERCURIMAP
Name| vsploitmercurimap ---|--- CVE| CVE-2006-1255 Exploit Pack| CANVAS Description| Mercur Imap 5.0 Remote Buffer Overflow Notes| CVE Name: CVE-2006-1255 VENDOR: Mercur Repeatability: One time Date public: 03/16/2006 CVE Url: https://vulners.com/cve/CVE-2006-1255 CVSS: 10.0...
Mercur Mailserver 5.0 SP3 (IMAP) Remote Buffer Overflow Exploit
Exploit for unknown platform in category remote exploits =============================================================== Mercur Mailserver 5.0 SP3 IMAP Remote Buffer Overflow Exploit =============================================================== / mercur.cpp Atrium Mercur IMAP 5.0 SP3 Messaging...
[Full-disclosure] Mercur IMAPD 5.0 SP3 DoS Exploit or more?
Hi folks, I found this bugs in a imap-server called Mercur IMAP 5.0 SP3 from http://www.atrium-software.com/, but i was not able to exploit it successful for a remote shell on WinXP ServicePack2. The program has an intern check for the string length or something like that. I can overwrite the EIP...