CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS
Percentile
99.2%
Added: 02/02/2006
CVE: CVE-2005-4411
BID: 16396
OSVDB: 22103
Mercury Mail Transport System is a free mail server for Windows and Netware platforms. It includes a Phone Book service which runs on port 105/TCP.
A buffer overflow vulnerability in the Phone Book service allows remote command execution.
Install the latest patch.
<http://securitytracker.com/alerts/2005/Dec/1015374.html>
Exploit works on Mercury Mail Transport System 4.01a and 4.01b for Windows.
Windows