Mercury Mail ph Server Remote Overflow

This script is Copyright (C) 2006-2014 Tenable Network Security, Inc.


Synopsis :

The remote ph service is affected by a buffer overflow vulnerability.

Description :

The remote host is running the Mercury Mail Transport System, a free
suite of server products for Windows and Netware associated with
Pegasus Mail.

The remote installation of Mercury includes a ph server that is
vulnerable to buffer overflow attacks. By leveraging this issue, an
unauthenticated, remote attacker is able to crash the remote service
and possibly execute arbitrary code remotely.

See also :

http://www.pmail.com/newsflash.htm#whfix
http://www.pmail.com/patches.htm

Solution :

Install the Jan 2006 Mercury/32 Security patches for MercuryW and
MercuryH.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score : 6.2
(CVSS2#E:F/RL:OF/RC:C)
Public Exploit Available : true

Family: Gain a shell remotely

Nessus Plugin ID: 20812 ()

Bugtraq ID: 16396

CVE ID: CVE-2005-4411

Ready to Scan Unlimited IPs & Run Compliance Checks?

Upgrade to Nessus Professional today!

Buy Now

Combine the Power of Nessus with the Ease of Cloud

Start your free Nessus Cloud trial now!

Begin Free Trial