CVE-2006-5961
published 2006-11-17CVE-2006-5961: Buffer overflow in Mercury Mail Transport System 4.01b for Windows has unknown impact and attack vectors, as originally reported in a GLEG VulnDisco pack…
PriorityP433high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
2.13%
79.6th percentile
Buffer overflow in Mercury Mail Transport System 4.01b for Windows has unknown impact and attack vectors, as originally reported in a GLEG VulnDisco pack. NOTE: the provenance of this information is unknown; the details are obtained from third party information. The original researcher is reliable.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| pegasus | mercury_mail_transport_system | — | — |
| pmail | mercury_mail_transport_system | <= 4.51 | — |
| pmail | mercury_mail_transport_system | <= 4.01b | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-669h-fgxw-4hfh: Buffer overflow in Mercury Mail Transport System 4
ghsa_unreviewed·2022-05-01
CVE-2006-5961 [HIGH] GHSA-669h-fgxw-4hfh: Buffer overflow in Mercury Mail Transport System 4
Buffer overflow in Mercury Mail Transport System 4.01b for Windows has unknown impact and attack vectors, as originally reported in a GLEG VulnDisco pack. NOTE: the provenance of this information is unknown; the details are obtained from third party information. The original researcher is reliable.
GHSA
GHSA-4pc6-hw3m-wcr4: Stack-based buffer overflow in the MercuryS SMTP server in Mercury Mail Transport System, possibly 4
ghsa_unreviewed·2022-05-01·CVSS 7.5
CVE-2007-4440 [HIGH] CWE-119 GHSA-4pc6-hw3m-wcr4: Stack-based buffer overflow in the MercuryS SMTP server in Mercury Mail Transport System, possibly 4
Stack-based buffer overflow in the MercuryS SMTP server in Mercury Mail Transport System, possibly 4.51 and earlier, allows remote attackers to execute arbitrary code via a long AUTH CRAM-MD5 string. NOTE: this might overlap CVE-2006-5961.
GHSA
GHSA-pwvr-w4c6-mfh4: Stack-based buffer overflow in Mercury/32 (aka Mercury Mail Transport System) 4
ghsa_unreviewed·2022-05-01·CVSS 7.5
CVE-2007-1373 [HIGH] GHSA-pwvr-w4c6-mfh4: Stack-based buffer overflow in Mercury/32 (aka Mercury Mail Transport System) 4
Stack-based buffer overflow in Mercury/32 (aka Mercury Mail Transport System) 4.01b and earlier allows remote attackers to execute arbitrary code via a long LOGIN command. NOTE: this might be the same issue as CVE-2006-5961.
No detection rules found.
No writeups or analysis indexed.
2006-11-17
Published