Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

Short Name

 APP:MERCURYPH-BO

Severity

 Medium

Recommended

 Yes

Recommended Action

 Drop

Category

 APP

Keywords

 16396 Mercury PH Phonebook Overflow Metasploit

Release Date

 2010/03/30

Update Number

 1643

Supported Platforms

 idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+

APP: Mercury PH Server Module Buffer Overflow


This signature detects attempts to exploit a known vulnerability against Mercury PH Server Module. Attackers can execute arbitrary machine code with SYSTEM privileges in the context of the affected server process.

Extended Description

Mercury Mail is prone to a remote buffer-overflow vulnerability in its mailbox name service. This issue occurs because the application fails to properly bounds-check user-supplied input before copying it to a finite-sized memory buffer. Exploiting this vulnerability allows remote attackers to execute arbitrary machine code with SYSTEM privileges in the context of the affected server process. Mercury Mail 4.01b is affected; other versions may also be affected.

Affected Products

  • David Harris Mercury (win32 version) 4.0.0 1a
  • David Harris Mercury (win32 version) 4.0.0 1b

References

  • BugTraq: 16396
  • CVE: CVE-2005-4411

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy & Policy
Legal Notices
Copyright© 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out