Signature Detail
Short Name |
SMTP:MERCMAIL-AUTH-OF |
|---|---|
Severity |
High |
Recommended |
No |
Category |
SMTP |
Keywords |
Mercury Mail Transport System AUTH Overflow |
Release Date |
2010/10/13 |
Update Number |
1792 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
SMTP: Mercury Mail Transport System AUTH Overflow
This signature detects attempts to exploit a known vulnerability in the Mercury Mail Transport System. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the server.
Extended Description
Mercury Mail Transport System is prone to a remote stack-based buffer-overflow vulnerability because it fails to perform adequate boundary checks when handling AUTH CRAM-MD5 requests. Attackers can exploit this issue to execute arbitrary code with the privileges of the user running the application. Successful exploits will compromise the computer. Failed exploit attempts will result in a denial of service. Versions prior to Mercury/32 v4.52 and Mercury/NLM v1.49 are vulnerable. UPDATE (August 28, 2007): Symantec has confirmed that this issue is being actively exploited in the wild.
Affected Products
- Pegasus Mail Mercury Mail Transport System 4.01b
- Pegasus Mail Mercury Mail Transport System 4.51
References
- BugTraq: 25357
- CVE: CVE-2007-4440
- URL: http://www.pmail.com/m32_451.htm