[Full-Disclosure] Re: Multiple buffer overflows exist in Mercury/32, v4.01a, Dec 8 2003.

From: Laurent Saplairoles (lsaplai-list_at_telus.net)
Date: 12/02/04

  • Next message: Stepanov Serg: "[Full-Disclosure] (no subject)" 
    To: bugtraq@securityfocus.com, full-disclosure@lists.netsys.com, vuln@secunia.com, SecuriTeam News <news@securiteam.com>
Date: Thu, 02 Dec 2004 01:35:03 -0800

    On 1 Dec 2004 at 14:16, Reed Arvin wrote:

    > Summary:
    > Multiple buffer overflows exist in Mercury/32, v4.01a, Dec 8 2003
    > (http://www.pmail.com/).
    >
    > Details:
    > Multiple buffer overflows exist in Mercury/32, v4.01a, Dec 8 2003.
    > There are 14 vulnerable commands that can be used to cause buffer
    > overflows to occur. After a successful login to the mail server, if
    > any of these commands are used with an overly long argument the
    > application closes resulting in a denial of service. The commands and
    > approximate argument lengths are as follows:

    [snip]

    >
    > Vulnerable Versions:
    > Mercury/32, v4.01a, Dec 8 2003
    >
    > Solutions:
    > The vendor was notified of the issue. There was no response.
    >

    [snip]

    David Harris, author of both Merucry Mail server and Pegasus Mail has aknowledge
    the problem this morning on the Mercury Mailing list. He announced that he was
    working on a fix which should be available by tomorrow (Thusday Dec 2) evening
    (take the timing as you wish, David is in NZ)

    Reed, there are words of being able to run an application on the Mercury machine.
    Can you confirm that? If so, please be sure to advise David Harris. 

    -- 
Laurent
Sacha Guitry (1895 - 1957)
Le meilleur moyen de faire tourner la tête à une femme, c'est de lui dire qu'elle a un 
joli profil.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
  • Next message: Stepanov Serg: "[Full-Disclosure] (no subject)"

    Relevant Pages

    • RE: SPF record confusion
      ... associated with a different set of message headers from which the PRA ... the sender CLAIMS to be. ... a receiving mail server that relies on determining the PRA from the address ... command is defined in RCF8281 along with other SMTP commands like EHLO, ...
      (microsoft.public.windows.server.sbs)
    • Re: Why is administrator blocking outgoing mail?
      ... The SMTP protocol requires that all recipients be specifed by RCPT TO commands, ... You may have many recipients but only one copy of the message gets sent to the mail server. ... Since you say it is a message that you receive rather than an error that occurs *during* the mail session between your e-mail client and the mail server, it is a separate and new message that is being sent back to you. ... If your mail server found the RCPT-TO and DATA commands were out of order from your e-mail client, you would get an immediate error during the mail session. ...
      (microsoft.public.outlook)
    • Re: Multiple emails
      ... server, if you know the telnet commands for pop3, remember what the last ... mail was that came in and delete it from the mail server. ... the pop3 commands, then grab the rfc for it, it's a small one! ... Martin ...
      (microsoft.public.security.virus)
    • RE: Sendmail configuration problem? Some servers refusing to receive mail from me...
      ... No one can send messages to these domains when using my mail server. ... Could you tell me the commands to test this? ... using telnet beyond that point. ... unsubscribe mailto:redhat-list-request@redhat.com?subject=unsubscribe ...
      (RedHat)