shadowbroker

This repository, kaleozhou/shadowbroker, is an offensive tool repository containing exploits for various vulnerabilities in different software and systems. The exploits are categorized into several types, including SMB Server Message Block exploits, email server exploits, and others. The reposito...

NSA Fuzzbunch in EaseBee the use of research methods and MDaemon vulnerability analysis-vulnerability warning-the black bar safety net

0X01 overview EaseBee is the NSA-developed for the mail system, MDaemon code execution vulnerability a tool, which supports multiple version of MDaemon is a well-known standard SMTP/POP/IMAP mail service system, by the American Alt-N company development. It provides full mail server functionality...

Alt-N MDaemon 6.x/WorldClient Form2Raw Raw Message Handler Buffer Overflow Vulnerability (2)

No description provided by source. source: http://www.securityfocus.com/bid/9317/info It has been reported that MDaemon/WorldClient mail server may be prone to a buffer overflow vulnerability when handling certain messages with a 'From' field of over 249 bytes. This issue may allow a remote...

MDaemon <= 9.6.5 - Multiple Remote Buffer Overflow Exploit PoC

No description provided by source. MDaemon == v9.6.5 Multiple Remote Buffer Overflow Vendor Site: http://altn.com Risk : Highly Critical hehe funny bugs here .. the worldclient use the port 3000 for a webmail like it use also an admin webmail located at port 1000 by default both are opened this...

Alt-N MDaemon WorldClient 8.1.3 - Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/15815/info MDaemon WorldClient is prone to a denial of service vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this vulnerability to preve...

MDaemon 8.0 Content Filter Directory Traversal Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/14400/info MDaemon server is prone to a directory traversal vulnerability due to improper sanitization of user input. Failure to sanitize the filename and path may result in compromise of the file system outside of the...

WorldClient 5.0.x Arbitrary File Deletion Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/4687/info WorldClient is a web interface packaged with MDaemon, an email server for Microsoft Windows. An input validation vulnerability exists in WorldClient that allows for an attacker to delete an arbitrary file on the...

MDaemon WebAdmin 2.0.x - SQL injection

No description provided by source. Exploit Title: MDaemon WebAdmin 2.0.X SQL injection Date: 2006/5/26 Author: KOUSULIN Software Link: http://archive.altn.com/WebAdmin/Archive/2.0.8/wa208en.exe Version: WebAdmin 2.0.X Tested on: Windows 2003 CVE : N/A Code : /WebAdmin.dll?Session='ACCESS SQL...

MDaemon 9.6.4 IMAPD FETCH Buffer Overflow

No description provided by source. $Id: mdaemonfetch.rb 9525 2010-06-15 07:18:08Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

Alt-N MDaemon 8.1.1 IMAP Server Remote Format String Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/16854/info Alt-N MDaemon IMAP Server is affected by a remote format-string vulnerability. This issue is due to the application's failure to properly sanitize user-supplied input before using it in the format-specifier...

MDaemon Mailer Daemon 11.0.1 - Remote File Disclosure

No description provided by source. MDaemon Mailer Daemon Version 11.0.1 LATEST Remote File Disclosure Bug Found & Exploited by Kingcope May 2010 The latest version at the time of this advisory is vulnerble to the attack. It seems all files which the SYSTEM account can read can be accessed remotel...

alt-n mdaemon free 12.5.4 - Stored XSS

No description provided by source. !/usr/bin/python ''' Author: loneferret of Offensive Security Product: Alt-N MDaemon Free Version: 12.5.4 Vendor Site: http://www.altn.com/ Software Download: http://www.altn.com/Downloads/ Timeline: 29 May 2012: Vulnerability reported to CERT 30 May 2012:...

Alt-N MDaemon 6.0.x POP Server Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/6053/info A buffer overflow vulnerability has been reported for MDaemon. The vulnerability is due to inadequate bounds checking on some POP server commands. An attacker can exploit this vulnerability by submitting a very...

MDaemon <= 6.8.5 WorldClient form2raw.cgi Stack Buffer Overflow

No description provided by source. $Id: mdaemonworldclientform2raw.rb 9653 2010-07-01 23:33:07Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing an...

Alt-N MDaemon 3.1.1 DoS Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/1689/info Alt-N MDaemon 3.1.1 is subject to a denial of service. If a remote user requests a specially crafted URL to the web services within MDaemon the service will crash. A restart of the service is required in order t...

MDaemon SMTP Server 5.0.5 Null Password Authentication Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8382/info A vulnerability has been reported to affect the MDaemon SMTP authentication handler. It has been reported that any valid username or account can be used in conjunction with a null password, to access the MDaemon...

Alt-N MDaemon 6.x/WorldClient Form2Raw Raw Message Handler Buffer Overflow Vulnerability (1)

No description provided by source. source: http://www.securityfocus.com/bid/9317/info It has been reported that MDaemon/WorldClient mail server may be prone to a buffer overflow vulnerability when handling certain messages with a 'From' field of over 249 bytes. This issue may allow a remote...

Mdaemon 8.0.3 IMAPD CRAM-MD5 Authentication Overflow

No description provided by source. $Id: mdaemoncrammd5.rb 9583 2010-06-22 19:11:05Z todb $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of us...

Alt-N MDaemon 3.5.6/5.0.7/6.x IMAP DoS Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/2508/info A successfully logged-in user, via IMAP, could cause MDaemon to terminate the connection. If the user submits either a 'SELECT' or 'EXAMINE' command appended with 250 or more characters, MDaemon will refuse any...

MDaemon POP3 Server < 9.06 (USER) Remote Heap Overflow Exploit

No description provided by source. !/usr/bin/python import sys import struct import socket from time import sleep MDaemon Pre Authentication USER Heap Overflow Code based on Leon Juranic's exploit Coded by muts - [email protected] http://www.hackingdefined.com http://www.remote-exploit.org...