Mercury Mail Transport System version 4.01b contains a vulnerability that could allow a remote attacker to execute arbitrary code on a system.
The vulnerability exists due to a lack of bounds checking of user-supplied input. To exploit this vulnerability, a remote attacker could send a malicious request designed to cause a buffer overflow to port 105/tcp. This could allow the attacker to execute arbitrary code on the targeted system.
Exploit code is available.
Patches are unavailable.