MDaemon WorldClient < 12.0.3 Summary Page Email Subject XSS

According to its banner, the version of MDaemon's WorldClient webmail client running on this port is earlier than 12.0.3. The LookOut theme in such versions reportedly may interpret JavaScript in a message subject in the Summary view. By sending a specially crafted email to a user who reads mail...

Alt-N MDaemon 6.8.5 - WorldClient &#039;form2raw.cgi&#039; Remote Stack Buffer Overflow (Metasploit)

$Id: mdaemonworldclientform2raw.rb 9653 2010-07-01 23:33:07Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

Alt-N MDaemon WorldClient Service Memory Corruption (CVE-2008-2631)

A memory corruption vulnerability exists in Alt-N Technologies MDaemon WorldClient. The vulnerability is due to a NULL pointer dereference in processing a malicious HTTP POST request. A remote unauthenticated attacker can exploit this vulnerability by sending a specially crafted request to the...

Mdaemon 8.0.3 - IMAPD CRAM-MD5 Authentication Overflow

Mdaemon 8.0.3 IMAPD CRAM-MD5 Authentication Overflow. CVE-2004-1520. Remote exploit for windows platform $Id: mdaemoncrammd5.rb 9583 2010-06-22 19:11:05Z todb $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploi...

Alt-N MDaemon 9.6.4 - IMAPD FETCH Buffer Overflow (Metasploit)

$Id: mdaemonfetch.rb 9525 2010-06-15 07:18:08Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/...

Alt-N MDaemon SUBSCRIBE Remote Information Disclosure Vulnerability

MDaemon is prone to an information-disclosure vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting this issue may allow an attacker to gain access to information from arbitrary files on the vulnerable server. MDaemon 11.0.1 is vulnerable; other versions may also...

Alt-N MDaemon <= 11.0.1 SUBSCRIBE Information Disclosure Vulnerability

MDaemon is prone to an information disclosure vulnerability because it fails to sufficiently sanitize user-supplied input. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

MDaemon Mailer Daemon 11.0.1 - Remote File Disclosure

MDaemon Mailer Daemon Version 11.0.1 LATEST Remote File Disclosure Bug Found & Exploited by Kingcope May 2010 The latest version at the time of this advisory is vulnerble to the attack. It seems all files which the SYSTEM account can read can be accessed remotely, even accessing files on SMB shar...

MDaemon Mailer Daemon Version 11.0.1 (LATEST) Remote File Disclosure

Exploit for windows platform in category remote exploits ==================================================================== MDaemon Mailer Daemon Version 11.0.1 LATEST Remote File Disclosure ==================================================================== MDaemon Mailer Daemon Version 11.0....

MDaemon Mailer Daemon 11.0.1 - Remote File Disclosure

MDaemon Mailer Daemon 11.0.1 - Remote File Disclosure MDaemon Mailer Daemon Version 11.0.1 LATEST Remote File Disclosure Bug Found & Exploited by Kingcope May 2010 The latest version at the time of this advisory is vulnerble to the attack. It seems all files which the SYSTEM account can read can ...

MDaemon Mailer Daemon Version 11.0.1 &#40;LATEST&#41; Remote File Disclosure

MDaemon Mailer Daemon Version 11.0.1 LATEST Remote File Disclosure Bug Found & Exploited by Kingcope May 2010 The latest version at the time of this advisory is vulnerble to the attack. It seems all files which the SYSTEM account can read can be accessed remotely, even accessing files on SMB shar...

MDaemon Mailer Daemon 11.0.1 File Disclosure

MDaemon Mailer Daemon Version 11.0.1 LATEST Remote File Disclosure Bug Found & Exploited by Kingcope May 2010 The latest version at the time of this advisory is vulnerble to the attack. It seems all files which the SYSTEM account can read can be accessed remotely, even accessing files on SMB shar...

MDaemon directory traversal

Directory traversal on mailing list configuration files allows to access files with LocalSystem privileges...

Alt-N MDaemon 11.0.1邮件列表订阅目录遍历漏洞

Alt-N MDaemon是一款基于Windows的邮件服务程序，WorldClient是其客户端。 MDaemon支持邮件列表功能。在配置邮件列表时，MDaemon会将邮件列表的配置存储在MDaemonDir（通常为 C:\MDaemon）\App目录下扩展名为grp的文件中，邮件列表组文件大致为： ---snip--- Mailing List file ; ListName = [email protected] ; Private = N ; HideFromAddressBook = N ; AllowExpn = Y ; ListNameInSubject = Y...

Alt-N MDaemon < 11.0.1 Multiple Remote DoS

The remote Windows host contains a version of Alt-N MDaemon that is earlier than 11.0.1. As such, it is prone to multiple remote denial of service attacks. An attacker may exploit these issues to deny the application's services to legitimate users. %NASLMINLEVEL 70300 C Tenable Network Security,...

Alt-N MDaemon < 11.0.1 Multiple Remote DoS Vulnerabilities

Binary data 5517.prm...

MDaemon Raw Message Handler Buffer Overflow (CVE-2003-1200)

WorldClient is a program listening on TCP/3000 and executing the CGI program Form2Raw, which processes HTTP requests. The vulnerable products do not require any user credentials to access the program. The specially crafted content will be passed unchecked to the vulnerable server program, MDaemon...

MDaemon SMTP and IMAP Command Buffer Overflow (CVE-2004-1546)

MDaemon is a Windows-based email server that provides full mail server functionality. MDaemon supports the SMTP, IMAP and POP3 protocols. A vulnerability exists in the way the MDaemon mail server processes certain SMTP and IMAP commands. A stack buffer overflow occurs when an overly long argument...

Alt-N MDaemon IMAP Server FETCH Command Buffer Overflow (CVE-2008-1358)

The Internet Message Access Protocol IMAP allows for the access and manipulation of electronic mails. The protocol permits the manipulation of mailboxes on a remote server and allows a remote client, among other operations, to create, delete, or rename mailboxes on the server side. The MDaemon IM...

MDaemon 9.6.4 IMAPD FETCH Buffer Overflow

$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'MDaemon 9.6....