Source of Binary DOS
USSR Advisory Code: USSR-2000036
March 16, 2000
MERCUR WebMail-Client Version 1.0 port (1080)
UssrLabs found a buffer overflow in MERCUR WebView WebMail-Client 1.0 where they
do not use proper bounds checking in the code who handle the GET commands
The following all result in a Denial of Service against the service in question.
Where [buffer] is aprox. 1000 characters. (0)
the Exploit, crash the remote machine service WebMail
Vendor Url: http://www.atrium-software.com
Program Url: http://www.atrium-software.com/mercur/webview_e.html
Install Mercur 3.2 with Service Pack 1
Eeye, Attrition, w00w00, beavuh, Rhino9, ADM, HNN, Technotronic and Wiretrip.