APP: Mercury PH Server Module Buffer Overflow
This signature detects attempts to exploit a known vulnerability against Mercury PH Server Module. Attackers can execute arbitrary machine code with SYSTEM privileges in the context of the affected server process.
Extended Description
Mercury Mail is prone to a remote buffer-overflow vulnerability in its mailbox name service. This issue occurs because the application fails to properly bounds-check user-supplied input before copying it to a finite-sized memory buffer. Exploiting this vulnerability allows remote attackers to execute arbitrary machine code with SYSTEM privileges in the context of the affected server process. Mercury Mail 4.01b is affected; other versions may also be affected.
Affected Products
David_harris mercury_(win32_version)
Short Name
APP:MERCURY-PH-BO
Severity
Minor
Recommended
False
Recommended Action
Drop
Category
APP
Keywords
Buffer CVE-2005-4411 Mercury Module Overflow PH Server bid:16396
Release Date
03/30/2010
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
Port
TCP/105
False Positive
Unknown
Vendors
David_harris
CVSS Score
7.5