ID EDB-ID:26044 Type exploitdb Reporter Tan Chew Keong Modified 2005-07-27T00:00:00
Description
MDaemon 8.0 Content Filter Directory Traversal Vulnerability. Remote exploit for windows platform
source: http://www.securityfocus.com/bid/14400/info
MDaemon server is prone to a directory traversal vulnerability due to improper sanitization of user input.
Failure to sanitize the filename and path may result in compromise of the file system outside of the application's quarantine directory.
The following email attachment filename example was provided:
'../../../../../file.exe'
{"id": "EDB-ID:26044", "hash": "e575bf360b87e8eee06892b50539aa5d", "type": "exploitdb", "bulletinFamily": "exploit", "title": "MDaemon 8.0 Content Filter Directory Traversal Vulnerability", "description": "MDaemon 8.0 Content Filter Directory Traversal Vulnerability. Remote exploit for windows platform", "published": "2005-07-27T00:00:00", "modified": "2005-07-27T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "https://www.exploit-db.com/exploits/26044/", "reporter": "Tan Chew Keong", "references": [], "cvelist": [], "lastseen": "2016-02-03T02:43:30", "history": [], "viewCount": 0, "enchantments": {"score": {"value": 0.1, "vector": "NONE", "modified": "2016-02-03T02:43:30"}, "dependencies": {"references": [], "modified": "2016-02-03T02:43:30"}, "vulnersScore": 0.1}, "objectVersion": "1.4", "sourceHref": "https://www.exploit-db.com/download/26044/", "sourceData": "source: http://www.securityfocus.com/bid/14400/info\r\n\r\nMDaemon server is prone to a directory traversal vulnerability due to improper sanitization of user input.\r\n\r\nFailure to sanitize the filename and path may result in compromise of the file system outside of the application's quarantine directory. \r\n\r\nThe following email attachment filename example was provided:\r\n\r\n'../../../../../file.exe' ", "osvdbidlist": ["18348"], "_object_type": "robots.models.exploitdb.ExploitDbBulletin", "_object_types": ["robots.models.exploitdb.ExploitDbBulletin", "robots.models.base.Bulletin"]}