Mercury Mail Transport System < 4.01b ph Service Buffer Overflow
Critical Nessus Network Monitor Plugin ID 3383
SynopsisThe remote ph service is affected by a buffer overflow vulnerability.
DescriptionThe remote host is running the Mercury Mail Transport System, a free suite of server products for Windows and NetWare associated with Pegasus Mail. The remote installation of Mercury includes a ph server that is vulnerable to buffer overflow attacks. By leveraging this issue, an unauthenticated remote attacker is able to crash the remote service and possibly execute arbitrary code remotely.
SolutionUpgrade to version 4.01b or higher.