Mercury Mail ph Server Remote Overflow

High Nessus Plugin ID 20812


The remote ph service is affected by a buffer overflow vulnerability.


The remote host is running the Mercury Mail Transport System, a free suite of server products for Windows and Netware associated with Pegasus Mail.

The remote installation of Mercury includes a ph server that is vulnerable to buffer overflow attacks. By leveraging this issue, an unauthenticated, remote attacker is able to crash the remote service and possibly execute arbitrary code remotely.


Install the Jan 2006 Mercury/32 Security patches for MercuryW and MercuryH.

See Also

Plugin Details

Severity: High

ID: 20812

File Name: mercury_ph_overflow.nasl

Version: $Revision: 1.17 $

Type: remote

Published: 2006/01/27

Modified: 2016/11/28

Dependencies: 11153

Risk Information

Risk Factor: High


Base Score: 7.5

Temporal Score: 6.2

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:F/RL:OF/RC:C

Vulnerability Information

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2006/01/01

Vulnerability Publication Date: 2005/12/16

Exploitable With

Core Impact

Metasploit (Mercury/32 PH Server Module Buffer Overflow)

Reference Information

CVE: CVE-2005-4411

BID: 16396

OSVDB: 22103

EDB-ID: 1375