Published: 10/01/2005 Updated: 11/07/2017

CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10

VMScore: 1000

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Multiple buffer overflows in the IMAP service in Mercury/32 4.01a allow remote authenticated users to cause a denial of service (application crash) and possibly execute arbitrary code via long arguments to the (1) EXAMINE, (2) SUBSCRIBE, (3) STATUS, (4) APPEND, (5) CHECK, (6) CLOSE, (7) EXPUNGE, (8) FETCH, (9) RENAME, (10) DELETE, (11) LIST, (12) SEARCH, (13) CREATE, or (14) UNSUBSCRIBE commands.

Vulnerable Product	Search on Vulmon	Subscribe to Product
david harris mercury 4.0.1a

#!/usr/bin/perl # # wwwsecurityfocuscom/bid/11775 # credit to Muts for this vulnerability # acaro [at] jervusit use IO::Socket::INET; use Switch; if (@ARGV < 3) { print "--------------------------------------------------------------------\n"; print "Usage : mercury-4444-multipl -hTargetIPAddress -oAssemblyinstructions\n"; print " ...

######################################################### # ...

/** Remote Mercury32 Imap exploit [14 types of attacks] WOW! ** By: JohnH@secnetopscom ** ** Notes: Second public release and both of them are murcury32 ;) ** Again someone posted some dos code :( why bother? ** If you spent the time to look, it uses the same buffer for all 14 types of attacks and the size does not ** ...

/* Dreatica-FXP crew * * ---------------------------------------- * Target : Mercury/32 SMTP Server * Found by : muts@offensive-securitycom, wwwoffensive-securitycom * ---------------------------------------- * Exploit : Mercury/32 v332-v451 SMTP Pre-Auth EIP overwrite exploit * Exploit date : 26082007 * Exploi ...

#===== Start Mercury32_Overflowpl ===== # # Usage: Mercury32_Overflowpl <ip> <imap4 user> <imap4 pass> # Mercury32_Overflowpl 127001 hello moto # # Mercury/32, v401a, Dec 8 2003 # # Download: # wwwpmailcom/ # ############################################################# use IO::Socket; use strict; my($sock ...

## # $Id: mercury_renamerb 9262 2010-05-09 17:45:00Z jduck $ ## ## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions Please see the Metasploit # Framework web site for more information on licensing and terms of use # metasploitcom/framework/ ## require 'msf/core' class M ...

/* whitehatcoil comments removed do to muts love */ /** Remote Mercury32 Imap exploit ** By: JohnH@secnetopscom **/ #include <stdioh> #include <unistdh> #include <sys/typesh> #include <sys/socketh> #include <netinet/inh> #include <netinet/tcph> #include <arpa/ineth> #include <netdbh> # ...

CWE-119 http://www.securityfocus.com/bid/11775 http://lists.grok.org.uk/pipermail/full-disclosure/2004-December/029701.html http://home.kabelfoon.nl/~jaabogae/han/m_401b.html http://www.osvdb.org/12508 http://secunia.com/advisories/13348 http://marc.info/?l=bugtraq&m=110193702909991&w=2 https://exchange.xforce.ibmcloud.com/vulnerabilities/18318 https://nvd.nist.gov https://www.exploit-db.com/exploits/3561/

Get Started

CVE-2004-1211

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect