Local / Remote DoS Attack in MERCUR WebView WebMail-Client 1.0 for Windows 98/NT Vulnerability

   

MERCUR

MERCUR WebView WebMail-Client 1.0

Binary DOS

domrc10w.exe

Source of Binary DOS

domrc10w.zip




USSR Advisory Code:   USSR-2000036


Release Date:
March 16, 2000


Systems Affected:
MERCUR WebMail-Client Version 1.0 port (1080)


THE PROBLEM

UssrLabs found a buffer overflow in MERCUR WebView WebMail-Client 1.0 where they 
do not use proper bounds checking in the code who handle the GET commands 
The following all result in a Denial of Service against the service in question.


Example:
http://hostip:1080/mmain.html&mail_user=(buffer)

Where [buffer] is  aprox. 1000 characters. (0)

Exploit: 
the Exploit, crash the remote machine service WebMail

Vendor Status:
informed

Vendor   Url: http://www.atrium-software.com
Program Url: http://www.atrium-software.com/mercur/webview_e.html

Credit: USSRLABS

SOLUTION
Install Mercur 3.2 with Service Pack 1

Greetings:
Eeye, Attrition, w00w00, beavuh, Rhino9, ADM, HNN, Technotronic and Wiretrip.