CVE-2000-1021

Heap overflow in WebConfig in Mdaemon 3.1.1 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long URL...

CVE-2000-1020

Heap overflow in Worldclient in Mdaemon 3.1.1 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long URL...

CVE-2000-1020

Heap overflow in Worldclient in Mdaemon 3.1.1 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long URL...

CVE-2000-1021

CVE-2000-1021 describes a heap overflow in the WebConfig component of Mdaemon ≤ 3.1.1. The vulnerability allows remote attackers to cause a denial of service and potentially execute arbitrary commands by supplying a long URL. Exploitation details are not provided in the available documents. No re...

CVE-2000-1020

CVE-2000-1020 describes a heap overflow in Worldclient of MDaemon (versions 3.1.1 and earlier) that can be triggered by a long URL, allowing remote attackers to cause a denial of service and potentially execute arbitrary commands. The issue is exploitable over the network without authentication, ...

CVE-2000-1021

Heap overflow in WebConfig in Mdaemon 3.1.1 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long URL...

CVE-2000-0716

WorldClient email client in MDaemon 2.8 includes the session ID in the referer field of an HTTP request when the user clicks on a URL, which allows the visited web site to hijack the session ID and read the user's email...

CVE-2000-0501

MDaemon 2.8.5.0 POP server is affected by a race condition that can cause a denial of service when a UIDL command is issued and the server is exited rapidly. The issue is described as a local DoS with partial availability impact and a low CVSS. No exploitation details are provided in the availabl...

CVE-2000-0501

Race condition in MDaemon 2.8.5.0 POP server allows local users to cause a denial of service by entering a UIDL command and quickly exiting the server...

VIGILANTE-2000012.txt

Mdaemon Web Services Heap Overflow DoS Advisory Code: VIGILANTE-2000012 Release Date: September 18, 2000 Systems Affected: - Mdaemon 3.1.1 for Windows NT It is likely that older versions are also affected. THE PROBLEM We want to start off by pointing out that this is not the same problem as was...

Уязвимость в MDaemon

В сеансе генерируется сеансовый ключ, который в любое время модет быть использован для доступа к почтовому ящику с любой машины...

Session hijacking in Alt-N's MDaemon 2.8

Hi, Here's a bugreport and a fix for MDaemon 2.8. Problem: It is possible to hijack an HTTP session from MDaemon / WorldClient Standard version 2.8 Description: MDaemon 2.8 comes with WorldClient Standard which allows you to read your mail using a browser. When you receive an HTML formatted page...

CVE-2000-0399

Buffer overflow in MDaemon POP server allows remote attackers to cause a denial of service via a long user name...

CVE-2000-0399

The CVE-2000-0399 entry concerns the MDaemon POP3 server. A buffer overflow in the POP server allows remote attackers to crash the service by sending a too-long user name, resulting in a denial of service. Affected component: MDaemon POP3 server (remote input to user field). Impact: remote DoS wi...

CVE-2000-0501

Race condition in MDaemon 2.8.5.0 POP server allows local users to cause a denial of service by entering a UIDL command and quickly exiting the server...

Alt-N MDaemon 2.8.5 - UIDL Denial of Service

source: https://www.securityfocus.com/bid/1366/info A remote user is capable of crashing Alt-N MDaemon 2.8.5.0 by executing the pass command, then the UIDL command and quitting the mail server before the UIDL has returned a response. This must be done before the user is presented with the POP3...

Alt-N MDaemon 2.8.5 - UIDL Denial of Service

Alt-N MDaemon 2.8.5 - UIDL Denial of Service source: https://www.securityfocus.com/bid/1366/info A remote user is capable of crashing Alt-N MDaemon 2.8.5.0 by executing the pass command, then the UIDL command and quitting the mail server before the UIDL has returned a response. This must be done...

mdaemon 2.8.5.0 DoS

mdaemon 2.8.5.0 remote DoS Win95 vulnerable Tested on a K5-166 with 32MB RAM Win98SE vulnerable Tested on a K7-500 with 128MB RAM A single user wasnґt able to receive eMail - after the password was send, the mail client just haltet, and did nothing till the timeout. I tried to find the error, by...

Deerfield Communications MDaemon Mail Server DoS

Deerfield Communications the Wingate perpetrators MDaemon POP server is vulnerable to bigass usernames causing a DoS. MDaemon is a mail server package for 95,98,NT and Win2k. Many systems that run Deerfield's World Client web-mail also use MDaemon. Exploit tested on Win2kpro running MDaemon 3.0.3...

Переполнение буфера в MDaemon

Классичесоке переполнение буфера при длинном имени пользователя...