Signature Detail

APP: Mercury Mail Transport System Buffer Overflow

This signature detects attempts to exploit a known vulnerability in the Mercury Mail Transport System product. The vulnerability is created by the lack of proper enforcement of maximum allowable length of user supplied data. A malicious unauthenticated attacker can exploit this vulnerability, which can result in a stack buffer overflow leading to arbitrary code execution on the target host.

Extended Description

Mercury Mail is prone to a remote buffer-overflow vulnerability in its mailbox name service. This issue occurs because the application fails to properly bounds-check user-supplied input before copying it to a finite-sized memory buffer. Exploiting this vulnerability allows remote attackers to execute arbitrary machine code with SYSTEM privileges in the context of the affected server process. Mercury Mail 4.01b is affected; other versions may also be affected.

Affected Products

• David Harris Mercury (win32 version) 4.0.0 1a
• David Harris Mercury (win32 version) 4.0.0 1b

References

• BugTraq: 16396
• CVE: CVE-2005-4411
• URL: http://securitytracker.com/alerts/2005/Dec/1015374.html
• URL: http://www.milw0rm.com/id.php?id=1375