Title: Mercury for NetWare Buffer Overflow Vulnerability
Severity: MODERATE
Description:
Mercury MTA is a mail-transfer agent available for Novell NetWare and Windows NT. It includes servers for common internet mail services such as POP3 and SMTP.
Novell versions of the Mercury POP3 server prior to 1.48 are vulnerable to a buffer overflow caused by inadequate string handling for the APOP [1] authentication command.
Because the overflow occurs in an authentication command parser, unauthenticated remote users can trigger the overflow. It is unknown whether the overflow can lead to arbitrary code execution, but proof-of-concept code is available that will crash the NetWare server, compromising system availability and requiring a reboot.
[1] The format of the APOP command is
APOP <mailbox name> <MD5 digest>
Please see http://www.ietf.org/rfc/rfc1939.txt for a detailed description of the POP3 protocol.
Affected Products:
- David Harris Mercury/NLM 1.45.0
- David Harris Mercury/NLM 1.46.0
- David Harris Mercury/NLM 1.47.0
References:
- David Harris: Mercury MTA Overview
Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.
