Lucene search
K

120 matches found

Cvelist
Cvelist
added 2009/08/03 6:0 p.m.26 views

CVE-2008-6893

Cross-site scripting XSS vulnerability in Alt-N MDaemon WorldClient 10.0.2, when Internet Explorer 7 is used, allows remote attackers to inject arbitrary web script or HTML via a crafted img tag...

5.5AI score0.01647EPSS
Exploits0References5
Metasploit
Metasploit
added 2009/07/03 1:26 a.m.34 views

MDaemon WorldClient form2raw.cgi Stack Buffer Overflow

This module exploits a stack buffer overflow in Alt-N MDaemon SMTP server for versions 6.8.5 and earlier. When WorldClient HTTP server is installed default, a CGI script is provided to accept html FORM based emails and deliver via MDaemon.exe, by writing the CGI output to the Raw Queue. When...

7.5CVSS0.65097EPSS
Exploits8
Tenable Nessus
Tenable Nessus
added 2008/11/21 12:0 a.m.14 views

MDaemon WorldClient < 10.0.2 Script Injection

Binary data 4765.prm...

5CVSS7.3AI score0.01182EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2008/11/21 12:0 a.m.136 views

MDaemon WorldClient < 10.0.2 Email Handling XSS

The remote host is running Alt-N MDaemon, a mail server for Windows. According to its banner, a version of MDaemon mail server older than 10.0.2 is installed on the remote host. Such versions ship with a version of WorldClient a webmail client that is affected by a script injection vulnerability...

5CVSS5.7AI score0.01182EPSS
Exploits0References2
seebug.org
seebug.org
added 2008/11/21 12:0 a.m.143 views

MDaemon Server WorldClient脚本注入漏洞

BUGTRAQ ID: 32355 Alt-N MDaemon是一款基于Windows的邮件服务程序,WorldClient是其客户端。 MDaemon的WorldClient客户端没有正确地过滤邮件中的某些HTML标签,如果远程攻击者在邮件中注入了恶意HTML和脚本代码的话,则用户在查看邮件的时候就会在浏览器会话中执行注入的内容。 Alt-N MDaemon 10.0.1 Alt-N ----- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://www.altn.com...

6.9AI score
Exploits0
seebug.org
seebug.org
added 2008/06/05 12:0 a.m.29 views

MDaemon WorldClient远程拒绝服务及栈溢出漏洞

Alt-N MDaemon是一款基于Windows的邮件服务程序,WorldClient是其客户端。 WordClient客户端(默认监听于TCP 3000端口)在处理对其发送的HTTP请求时存在空指针引用错误,如果远程攻击者向WorldClient.dll发送了特制的HTTP POST请求的话,就可能导致客户端崩溃。 WordClient接口在处理带有超长Subject字段的Reply请求时存在栈溢出漏洞,如果远程攻击者从WordClient接口发送了特制邮件的话就可以触发这个溢出,导致执行任意代码。成功利用这个漏洞要求在服务器上拥有有效的邮件帐号。 Alt-N MDaemon =...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2008/06/02 12:0 a.m.17 views

Alt-N MDaemon 9.6.5 - Multiple Remote Buffer Overflows (PoC)

Alt-N MDaemon 9.6.5 - Multiple Remote Buffer Overflows PoC MDaemon == v9.6.5 Multiple Remote Buffer Overflow Vendor Site: http://altn.com Risk : Highly Critical hehe funny bugs here .. the worldclient use the port 3000 for a webmail like it use also an admin webmail located at port 1000 by defaul...

0.3AI score
Exploits0
NVD
NVD
added 2006/11/04 1:7 a.m.7 views

CVE-2006-5709

Unspecified vulnerability in WorldClient in Alt-N Technologies MDaemon before 9.50 has unknown impact and attack vectors related to a "JavaScript exploit."...

10CVSS6.4AI score0.0152EPSS
Exploits0References3
Cvelist
Cvelist
added 2006/11/04 1:0 a.m.18 views

CVE-2006-5708

Multiple unspecified vulnerabilities in MDaemon and WorldClient in Alt-N Technologies MDaemon before 9.50 allow attackers to cause a denial of service memory consumption via unspecified vectors resulting in memory leaks...

6.8AI score0.0101EPSS
Exploits0References1
CVE
CVE
added 2006/11/04 1:0 a.m.46 views

CVE-2006-5708

MDaemon and WorldClient (Alt‑N Technologies MDaemon) before 9.50 are affected by CVE-2006-5708 due to multiple unspecified vulnerabilities that allow a denial of service via memory consumption leading to memory leaks. The issue affects MDaemon and WorldClient prior to version 9.50. Root cause vec...

7.5CVSS7.1AI score0.0101EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2006/11/04 1:0 a.m.53 views

CVE-2006-5709

Technical details about CVE-2006-5709 are not publicly provided in the supplied documents. Monitor for updates; no affected products, exploit info, or remediation details are confirmed here.

10CVSS6.8AI score0.0152EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2006/11/04 1:0 a.m.17 views

CVE-2006-5709

Unspecified vulnerability in WorldClient in Alt-N Technologies MDaemon before 9.50 has unknown impact and attack vectors related to a "JavaScript exploit."...

6.4AI score0.0152EPSS
Exploits0References3
Saint
Saint
added 2006/09/18 12:0 a.m.23 views

MDaemon WorldClient form2raw.cgi From buffer overflow

Added: 09/18/2006 CVE: CVE-2003-1200 BID: 9317 OSVDB: 3255 Background MDaemon is an e-mail server product for Windows. It includes a web mail component called WorldClient. Problem A buffer overflow in MDaemon WorldClient allows remote command execution by sending a web request for the form2raw.cg...

7.5CVSS7.2AI score0.65097EPSS
Exploits8
Saint
Saint
added 2006/09/18 12:0 a.m.22 views

MDaemon WorldClient form2raw.cgi From buffer overflow

Added: 09/18/2006 CVE: CVE-2003-1200 BID: 9317 OSVDB: 3255 Background MDaemon is an e-mail server product for Windows. It includes a web mail component called WorldClient. Problem A buffer overflow in MDaemon WorldClient allows remote command execution by sending a web request for the form2raw.cg...

7.5CVSS7.2AI score0.65097EPSS
Exploits8
Saint
Saint
added 2006/09/18 12:0 a.m.32 views

MDaemon WorldClient form2raw.cgi From buffer overflow

Added: 09/18/2006 CVE: CVE-2003-1200 BID: 9317 OSVDB: 3255 Background MDaemon is an e-mail server product for Windows. It includes a web mail component called WorldClient. Problem A buffer overflow in MDaemon WorldClient allows remote command execution by sending a web request for the form2raw.cg...

7.5CVSS7.2AI score0.65097EPSS
Exploits8
Saint
Saint
added 2006/09/18 12:0 a.m.21 views

MDaemon WorldClient form2raw.cgi From buffer overflow

Added: 09/18/2006 CVE: CVE-2003-1200 BID: 9317 OSVDB: 3255 Background MDaemon is an e-mail server product for Windows. It includes a web mail component called WorldClient. Problem A buffer overflow in MDaemon WorldClient allows remote command execution by sending a web request for the form2raw.cg...

7.5CVSS7.2AI score0.65097EPSS
Exploits8
NVD
NVD
added 2005/12/15 11:3 a.m.20 views

CVE-2005-4266

WorldClient.dll in Alt-N MDaemon and WorldClient 8.1.3 trusts a Session parameter that contains a randomly generated session ID that is associated with a username, which allows remote attackers to perform actions as other users by guessing or sniffing the random value...

7.5CVSS6.7AI score0.01317EPSS
Exploits0References2
CVE
CVE
added 2005/12/15 11:0 a.m.51 views

CVE-2005-4266

The CVE-2005-4266 issue affects Alt-N MDaemon/WorldClient (WorldClient.dll) where WorldClient 8.1.3 trusts a Session parameter containing a randomly generated session ID linked to a username. This enables remote attackers to impersonate other users by guessing or sniffing the session value. Conne...

7.5CVSS7.1AI score0.01317EPSS
Exploits0References2Affected Software2
Cvelist
Cvelist
added 2005/12/15 11:0 a.m.23 views

CVE-2005-4266

WorldClient.dll in Alt-N MDaemon and WorldClient 8.1.3 trusts a Session parameter that contains a randomly generated session ID that is associated with a username, which allows remote attackers to perform actions as other users by guessing or sniffing the random value...

6.7AI score0.01317EPSS
Exploits0References2
NVD
NVD
added 2005/12/13 11:3 a.m.16 views

CVE-2005-4209

WorldClient webmail in Alt-N MDaemon 8.1.3 allows remote attackers to prevent arbitrary users from accessing their inboxes via script tags in the Subject header of an e-mail message, which prevents the user from being able to access the Inbox folder, possibly due to a cross-site scripting XSS...

4.3CVSS5.9AI score0.02133EPSS
Exploits1References4
Rows per page
Query Builder