Mercur SMTP-Server 3.3 to 4.2 control service buffer overflow 1.2
 
Plugin ID82
Plugin nameMercur SMTP-Server 3.3 to 4.2 control service buffer overflow
Plugin filenameMercur SMTP-Server 3.3 to 4.2 control service buffer overflow.plugin
Plugin filesize3124 bytes
Plugin familySMTP
Plugin created nameMarc Ruef
Plugin created emailmarc dot ruef at computec dot ch
Plugin created webhttp://www.computec.ch
Plugin created companycomputec.ch
Plugin created date2004/03/23
Plugin updated nameMarc Ruef
Plugin updated emailmarc dot ruef at computec dot ch
Plugin updated webhttp://www.computec.ch
Plugin updated companycomputec.ch
Plugin updated date2004/11/13
Plugin version1.2
Plugin changelogCorrected the plugin structure and added the accuracy values in 1.2
Plugin protocoltcp
Plugin port25
Plugin procedure detectionopen|sleep|close|pattern_exists 220 *MERCUR SMTP-Server (v3.3* OR 220 *MERCUR SMTP-Server (v4.0* OR 220 *MERCUR SMTP-Server (v4.2*
Plugin detection accuracy80
Plugin commentThis plugin was written with the ATK Attack Editor.
Bug advisoryhttp://www.securityfocus.com/archive/1/282988
Bug affectedMercur SMTP-Server 3.3 to 4.2
Bug not affectedMercur SMTP-Server 4.2 and newer
Bug vulnerability classBuffer Overflow
Bug descriptionThe Mercur Mailserver is a small Mail Transfer Agent (MTA). It has been reported that there is an insufficient bounds checking in the Control-Service component, which listens on TCP port 32000 by default. An attacker may use this buffer overflow by sending an very long username/password to run arbritrary code with the server privileges.
Bug solutionIt may be possible that there is a new software version available. At the moment the vulnerability is only reported for MERCUR Mailserver 3.3 to 4.2. Please visit the web site of Atrium Software at http://www.atrium-software.com/mercur/mercur_e.html. Limit unwanted connections and communications with firewalling.
Bug fixing time1 hour
Bug exploit availabilityYes
Bug exploit urlhttp://www.securityfocus.com/data/vulnerabilities/exploits/mercrexp.c
Bug remoteYes
Bug localYes
Bug severityMedium
Bug popularity5
Bug simplicity8
Bug impact9
Bug risk6
Source CVECAN-2002-1073
Source SecurityFocus BID5261
Source LiteratureHacking Exposed: Network Security Secrets & Solutions, Stuart McClure, Joel Scambray and George Kurtz, February 25, 2003, 4th Edition, McGraw-Hill Osborne Media, ISBN 0072227427
Source Misc.http://www.computec.ch

This file was generated by the Attack Tool Kit (ATK), the open-sourced security scanner and exploiting framework.