CVE-2006-5961

Mercury Mail Transport System 4.01b - Buffer Overflow

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2006-5961.

AI-analyzed exploit summary This is a functional exploit for CVE-2006-5961, targeting a buffer overflow in Mercury IMAP4 server. It includes shellcode for multiple Windows targets and demonstrates remote code execution via crafted IMAP commands.

Description

Buffer overflow in Mercury Mail Transport System 4.01b for Windows has unknown impact and attack vectors, as originally reported in a GLEG VulnDisco pack. NOTE: the provenance of this information is unknown; the details are obtained from third party information. The original researcher is reliable.

Exploits (1)

exploitdb WORKING POC

cremotewindows

https://www.exploit-db.com/exploits/1223

View Code ZIP pw:eip

This is a functional exploit for CVE-2006-5961, targeting a buffer overflow in Mercury IMAP4 server. It includes shellcode for multiple Windows targets and demonstrates remote code execution via crafted IMAP commands.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Mercury Mail Transport System 4.01a and prior

Auth required

Prerequisites: Network access to IMAP port (143) · Valid IMAP credentials

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 19, 2026 Full analysis →

References (2)

Core 2

Core References

Exploit vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/21110

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/22857

Scores

EPSS 0.0261

EPSS Percentile 86.0%

Details

Status published

Products (1)

pegasus/mercury_mail_transport_system 4.0.1b

Published Nov 17, 2006

Tracked Since Feb 18, 2026