Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Mercury Mail Transport System < 4.01b ph Service Buffer Overflow

Critical

Synopsis

The remote ph service is affected by a buffer overflow vulnerability.

Description

The remote host is running the Mercury Mail Transport System, a free suite of server products for Windows and NetWare associated with Pegasus Mail. The remote installation of Mercury includes a ph server that is vulnerable to buffer overflow attacks. By leveraging this issue, an unauthenticated remote attacker is able to crash the remote service and possibly execute arbitrary code remotely.

Solution

Upgrade to version 4.01b or higher.