Mercury Mail Remote IMAP Server Remote Overflow

High Nessus Plugin ID 15867


The remote IMAP server has multiple buffer overflow vulnerabilities.


The remote host is running Mercury Mail server, an IMAP server for Windows.

According to its banner, the version of Mercury Mail running on the remote host has multiple stack-based buffer overflow vulnerabilities.
A remote, authenticated attacker could exploit these issues to crash the service or execute arbitrary code.


Upgrade to the latest version of this software.

See Also

Plugin Details

Severity: High

ID: 15867

File Name: mercury_mail_stack.nasl

Version: $Revision: 1.15 $

Type: remote

Published: 2004/11/30

Modified: 2016/11/18

Dependencies: 11153

Risk Information

Risk Factor: High


Base Score: 9

Temporal Score: 7.4

Vector: CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C

Temporal Vector: CVSS2#E:F/RL:OF/RC:ND

Vulnerability Information

Excluded KB Items: imap/false_imap

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 2004/11/29

Exploitable With

Metasploit (Mercury/32 v4.01a IMAP RENAME Buffer Overflow)

Reference Information

CVE: CVE-2004-1211

BID: 11775, 11788

OSVDB: 12508

EDB-ID: 1375

Secunia: 13348

CWE: 119