Mercury Mail ph Server Remote Overflow
High Nessus Plugin ID 20812
SynopsisThe remote ph service is affected by a buffer overflow vulnerability.
DescriptionThe remote host is running the Mercury Mail Transport System, a free suite of server products for Windows and Netware associated with Pegasus Mail.
The remote installation of Mercury includes a ph server that is vulnerable to buffer overflow attacks. By leveraging this issue, an unauthenticated, remote attacker is able to crash the remote service and possibly execute arbitrary code remotely.
SolutionInstall the Jan 2006 Mercury/32 Security patches for MercuryW and MercuryH.