Mercury IMAP Server LOGIN Command Remote Overflow

This script is Copyright (C) 2007-2011 Tenable Network Security, Inc.


Synopsis :

The remote IMAP server is affected by a buffer overflow vulnerability.

Description :

The remote host is running the Mercury Mail Transport System, a free
suite of server products for Windows and NetWare associated with
Pegasus Mail.

The remote installation of Mercury Mail includes an IMAP server that
is affected by a buffer overflow flaw. Using a specially crafted
LOGIN command, an unauthenticated, remote attacker can leverage this
issue to crash the remote application and even execute arbitrary code
remotely, subject to the privileges under which the application runs.

Solution :

Unknown at this time.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score : 7.1
(CVSS2#E:F/RL:U/RC:ND)
Public Exploit Available : true

Family: Gain a shell remotely

Nessus Plugin ID: 24785 ()

Bugtraq ID: 21110

CVE ID: CVE-2006-5961