Alt-N WebAdmin MDaemon/RelayFax administration tool multiple bugs

Crossit scripting, user accounts editing, code execution...

Multiple vulnerabilities in Alt-N WebAdmin <= 3.0.2

WebAdmin is a web application to administer MDaemon and RelayFax. It can be run on its own or as an ISAPI application under Microsoft Internet Information Services IIS. MDaemon is an e-mail server for Microsoft Windows. RelayFax is a fax server also for Microsoft Windows. Both applications have...

Alt-N WebAdmin < 3.0.3 Multiple Remote Vulnerabilities

Binary data 2572.prm...

CVE-2005-0319

Direct remote injection vulnerability in modalfram.wdm in Alt-N WebAdmin 3.0.4 allows remote attackers to load external webpages that appear to come from the WebAdmin server, which allows remote attackers to inject arbitrary HTML or web script to facilitate cross-site scripting XSS and phishing...

CVE-2005-0318

usereditaccount.wdm in Alt-N WebAdmin 3.0.4 does not properly validate account edits by the logged in user, which allows remote authenticated users to edit other users' account information via a modified user parameter...

alt-n WebAdmin 3.0.2 - Multiple Vulnerabilities

source: https://www.securityfocus.com/bid/12395/info Alt-n WebAdmin is reportedly affected by multiple remote vulnerabilities. The application is affected by multiple cross-site scripting issues. An attacker may leverage these issues to execute arbitrary HTML and script code in the browser of an...

Alt-N WebAdmin Multiple Remote Vulnerabilities (XSS, Bypass Access)

The remote host is running Alt-N WebAdmin, a web interface to MDaemon mail server. The remote version of this software is affected by cross-site scripting vulnerabilities due to a lack of filtering on user-supplied input in the file 'usereditaccount.wdm' and the file 'modalframe.wdm'. An attacker...

CVE-2004-2369

Directory traversal vulnerability in webadmin.nsf for Lotus Domino R6 6.5.1 allows attackers to create and detect directories via a .. dot dot in the directory creation command...

HP-UX ObAM WebAdmin unauthorized access

No description provided...

[security bulletin] SSRT4758 rev. 0 HP-UX ObAM WebAdmin unauthorized access

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 HP SECURITY BULLETIN HPSBUX01047 REVISION: 0 SSRT4758 rev. 0 HP-UX ObAM WebAdmin unauthorized access ----------------------------------------------------------------- NOTICE: There are no restrictions for distribution of this Bulletin provided that it...

CVE-2003-1463

Absolute path traversal vulnerability in Alt-N Technologies WebAdmin 2.0.0 through 2.0.2 allows remote attackers with administrator privileges to 1 determine the installation path by reading the contents of the Name parameter in a link, and 2 read arbitrary files via an absolute path in the Name...

PSCS VPOP3 2.0 Email Server WebAdmin - Cross-Site Scripting

source: https://www.securityfocus.com/bid/8869/info It has been reported that PSCS VPOP3 Email Server may be prone to a cross-site scripting vulnerability that may allow a remote attacker to embed malicious HTML and script code in a link. The issue is reported to be present in the WebAdmin utilit...

FloosieTek FTGatePro 1.2 - WebAdmin Interface Information Disclosure

FloosieTek FTGatePro 1.2 - WebAdmin Interface Information Disclosure source: https://www.securityfocus.com/bid/8578/info A weakness has been reported in the FTGatePro WebAdmin Interface that could allow an unauthorized user to gain sensitive information. The problem is believed to occur due to...

CVE-2003-0471

Buffer overflow in WebAdmin.exe for WebAdmin allows remote attackers to execute arbitrary code via an HTTP request to WebAdmin.dll with a long USER argument...

CVE-2003-0471

Buffer overflow in WebAdmin.exe for WebAdmin allows remote attackers to execute arbitrary code via an HTTP request to WebAdmin.dll with a long USER argument...

CVE-2003-0471

Alt-N WebAdmin is affected by a remote buffer overflow in the USER parameter of WebAdmin.exe/WebAdmin.dll, enabling arbitrary code execution as described in CVE-2003-0471. Public artifacts include references in Exploit-DB and Metasploit modules showing a buffer overflow condition that could allow...

Alt-N WebAdmin buffer overflow

Buffer overflow in username...

Alt-N WebAdmin 2.0.x - USER Remote Buffer Overflow (2)

Alt-N WebAdmin 2.0.x - USER Remote Buffer Overflow 2 // source: https://www.securityfocus.com/bid/8024/info Alt-N WebAdmin is prone to a buffer overflow condition. This is due to insufficient bounds checking on the USER parameter. Successful exploitation could result in code execution with SYSTEM...

Alt-N WebAdmin 2.0.x - USER Remote Buffer Overflow (1)

Alt-N WebAdmin 2.0.x - USER Remote Buffer Overflow 1 // source: https://www.securityfocus.com/bid/8024/info Alt-N WebAdmin is prone to a buffer overflow condition. This is due to insufficient bounds checking on the USER parameter. Successful exploitation could result in code execution with SYSTEM...

Alt-N WebAdmin 2.0.x - &#039;USER&#039; Remote Buffer Overflow (1)

// source: https://www.securityfocus.com/bid/8024/info Alt-N WebAdmin is prone to a buffer overflow condition. This is due to insufficient bounds checking on the USER parameter. Successful exploitation could result in code execution with SYSTEM level privileges. / WebAdmin.dll remote proof of...