
eeye.99-02-21.mercur_mail

Posted Sep 23, 1999


SHA-256 | cd8416601a7bdc853e7df178e5ecbaaa8c8cf226455e3b7d68a01231a69446f2


eEye - Digital Security Team Alert

Multiple Vulnerabilities in Mercur Mail Server

Systems Affected: Mercur v3.00
Release Date: February 21, 1999
Advisory Code: AD02211999

Description:
Mercur does not use proper bounds checking in multiple places. Each of the following results in a
Denial of Service against the service in question.

The pop3 (110) service has an overflow in the login function.

    +OK MERCUR POP3-Server (v3.00.24 Unregistered) for Windows NT ready at Sun,
    21 Feb 1999 22:05:28 -0800
    user touchmyspecialspot
    +OK <touchmyspecialspot>
    pass glob

Where glob is 2400 characters. It could work with less or more.

The imapd (143) service has an overflow in the login process as well.

    OK MERCUR IMAP4-Server (v3.00.26 Unregistered) for Windows NT ready at
    Sun, 21 Feb 1999 22:12:30 -0800
    x login glob1 glob2

Where glob1 is 300 characters and glob2 is 400 characters. Once again, different lengths will work.

The Administrative Control service (32000) also has a login overflow.

    MERCUR Control-Service (v3.00.21 Unregistered) for Windows NT ready at Sun,
    21 Feb 1999 22:16:54 -0800
    Username: blah
    Password: glob

Where glob is 900 characters. Once again, size may vary.
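
Added example (not part of the eEye advisory and not Mercur's code): a bounds-checked way for a server to split a received login line into fixed-size fields, which is the check the description above reports as missing. The limits MAX_LINE and MAX_FIELD, the names parse_fields and check_line, and the sample input are assumptions constructed for illustration; IMAP quoted strings and literals are not handled.

```c
#include <stddef.h>
#include <string.h>

#define MAX_LINE  512   /* assumed whole-line cap, not a Mercur value */
#define MAX_FIELD 64    /* assumed per-field buffer size */
enum { PARSE_OK = 0, PARSE_TOO_LONG = -1, PARSE_MALFORMED = -2 };

/* Split one received line (buf/len, not NUL-terminated) into exactly
 * nfields space-separated fields. Every length is checked before a byte
 * is copied: oversized input is rejected, never overflowed or truncated. */
int parse_fields(const char *buf, size_t len, char out[][MAX_FIELD], size_t nfields)
{
    const char *p = buf, *end = buf + len;
    if (len > MAX_LINE) return PARSE_TOO_LONG;
    while (end > p && (end[-1] == '\r' || end[-1] == '\n')) end--; /* strip CRLF */
    for (size_t i = 0; i < nfields; i++) {
        while (p < end && *p == ' ') p++;
        const char *q = p;
        while (q < end && *q != ' ') q++;
        size_t n = (size_t)(q - p);
        if (n == 0) return PARSE_MALFORMED;         /* too few fields */
        if (n >= MAX_FIELD) return PARSE_TOO_LONG;  /* keep room for the NUL */
        memcpy(out[i], p, n);
        out[i][n] = '\0';
        p = q;
    }
    while (p < end && *p == ' ') p++;
    return p == end ? PARSE_OK : PARSE_MALFORMED;   /* extra trailing data */
}

/* Constructed input: prefix followed by arglen 'A' bytes and CRLF,
 * parsed as nfields fields. Returns the parser's result code. */
int check_line(const char *prefix, size_t arglen, size_t nfields)
{
    static char line[4096];
    char fields[4][MAX_FIELD];
    size_t plen = strlen(prefix);
    if (nfields > 4 || plen + arglen + 2 > sizeof line) return PARSE_MALFORMED;
    memcpy(line, prefix, plen);
    memset(line + plen, 'A', arglen);
    memcpy(line + plen + arglen, "\r\n", 2);
    return parse_fields(line, plen + arglen + 2, fields, nfields);
}

int main(void)
{   /* a 2400-byte POP3 password argument must be rejected */
    return check_line("pass ", 2400, 2) == PARSE_TOO_LONG ? 0 : 1;
}
```

A server using this pattern would answer a PARSE_TOO_LONG result with a protocol error and keep serving, instead of copying the argument into a fixed buffer.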

Vendor Status:
Vendor was contacted a week ago, waiting for a response :-(

Copyright (c) 1999 eEye Digital Security Team

Permission is hereby granted for the redistribution of this alert electronically. It is not to be
edited in any way without express consent of eEye. If you wish to reprint the whole or any part of
this alert in any other medium excluding electronic medium, please e-mail alert@eEye.com for
permission.

Disclaimer:

The information within this paper may change without notice. Use of this information constitutes
acceptance for use in an AS IS condition. There are NO warranties with regard to this information.
In no event shall the author be liable for any damages whatsoever arising out of or in connection
with the use or spread of this information. Any use of this information is at the user's own risk.

Please send suggestions, updates, and comments to:

eEye Digital Security Team

info@eEye.com
http://www.eEye.com

Copyright © 1998-1999 eEye.com - All Rights Reserved. eEye is an www.eCompany.com Venture.