Mercury Mail Remote IMAP Stack Buffer Overflow (deprecated)

high Nessus Network Monitor Plugin ID 2438

Synopsis

The remote host is vulnerable to a buffer overflow.

Description

The remote host is running Mercury Mail server, an IMAP server for Windows operating systems. It is reported that versions up to and including 4.01 are prone to stack buffer overflow vulnerabilities. An authenticated attacker may execute arbitrary code on the remote server. The attacker needs to authenticate in order to exploit these vulnerabilities against the IMAP server.

Solution

No solution is known at this time.

Plugin Details

Severity: High

ID: 2438

Family: IMAP Servers

Published: 11/30/2004

Updated: 9/16/2018

Risk Information

VPR

Risk Factor: High

Score: 7.3

CVSS v2

Risk Factor: Info

Base Score: 0

Temporal Score: 0

Vector: CVSS2#AV:A/AC:L/Au:S/C:N/I:N/A:N

Exploitable With

Metasploit (Mercury/32 v4.01a IMAP RENAME Buffer Overflow)

Reference Information

CVE: CVE-2004-1211

BID: 11775, 11788

Detections

Analytics