Mercury.Mail.Transport.System.SMTP.AUTH.CRAMMD5.Buffer.Overflow
Description
This indicates a vulnerability in Mercury Mail Transport System. The vulnerability is caused by a stack buffer overflow error in the smtp service. The overflow occurs when the vulnerable software handles an AUTH CRAM-MD5 command. It allows remote attackers to execute arbitrary code by sending an AUTH CRAM-MD5 command with a long argument.
Affected Products
Mercury Mail Transport System version 4.51 and prior.
Impact
System compromise, arbitrary code execution.
Recommended Actions
Currently we are not aware of any official fix for this issue.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |