Lucene search
+L
Alt-nMdaemon

28 matches found

CVE
CVE
added 2009/08/13 4:0 p.m.67 views

CVE-2008-6967

The CVE-2008-6967 entry concerns Alt-N MDaemon WorldClient in versions up to 10.0.1, with multiple unspecified vulnerabilities in WorldClient potentially involving cross-site scripting (XSS). The connected documents corroborate affected product (MDaemon/WorldClient), imply an XSS-related risk, an...

5CVSS5.8AI score0.01182EPSS
CVE
CVE
added 2000/11/29 5:0 a.m.64 views

CVE-2000-1020

CVE-2000-1020 describes a heap overflow in Worldclient of MDaemon (versions 3.1.1 and earlier) that can be triggered by a long URL, allowing remote attackers to cause a denial of service and potentially execute arbitrary commands. The issue is exploitable over the network without authentication, ...

7.5CVSS8.2AI score0.02258EPSS
CVE
CVE
added 2000/07/12 4:0 a.m.63 views

CVE-2000-0399

The CVE-2000-0399 entry concerns the MDaemon POP3 server. A buffer overflow in the POP server allows remote attackers to crash the service by sending a too-long user name, resulting in a denial of service. Affected component: MDaemon POP3 server (remote input to user field). Impact: remote DoS wi...

5CVSS6.8AI score0.01329EPSS
CVE
CVE
added 2005/08/04 4:0 a.m.63 views

CVE-2004-2292

CVE-2004-2292 affects Alt-N MDaemon 7.0.1: a buffer overflow in the IMAP server triggered by a long STATUS command allows remote attackers to cause a denial of service (application crash). The available documents confirm the vulnerable component (IMAP STATUS handling) and the impact (DoS); no exp...

5CVSS7AI score0.12187EPSS
CVE
CVE
added 2006/02/28 11:0 a.m.63 views

CVE-2006-0925

CVE-2006-0925 affects the IMAP server component (IMAP4rev1) of Alt-N MDaemon 8.1.1 (and possibly 8.1.4). The vulnerability is a format string flaw in folder-name handling that, when an attacker creates and lists folders containing format specifiers, can cause the server to suffer CPU exhaustion a...

5CVSS6.7AI score0.03119EPSS
CVE
CVE
added 2005/02/20 5:0 a.m.61 views

CVE-2004-1546

CVE-2004-1546 affects MDaemon 6.5.1. The issue is a stack buffer overflow in the MDaemon SMTP and IMAP command processing (overly long arguments to SAML/SOML/SEND/MAIL or LIST), leading to denial of service (crash) and, per advisories, potential remote code execution with system privileges. Explo...

5CVSS7AI score0.31079EPSS
CVE
CVE
added 2000/10/13 4:0 a.m.58 views

CVE-2000-0501

MDaemon 2.8.5.0 POP server is affected by a race condition that can cause a denial of service when a UIDL command is issued and the server is exited rapidly. The issue is described as a local DoS with partial availability impact and a low CVSS. No exploitation details are provided in the availabl...

2.6CVSS6.7AI score0.04144EPSS
CVE
CVE
added 2005/12/13 11:0 a.m.56 views

CVE-2005-4209

CVE-2005-4209 concerns WorldClient webmail in Alt-N MDaemon 8.1.3. The issue arises from script tags in the Subject header, enabling cross‑site scripting that can prevent users from accessing their Inbox. The vulnerability is described as impacting availability (partial) without affecting confide...

4.3CVSS6.2AI score0.02133EPSS
CVE
CVE
added 2006/11/17 10:0 p.m.55 views

CVE-2006-5968

MDaemon 9.0.5, 9.0.6, 9.51, and 9.53 (and possibly other versions) install the MDaemon application folder with insecure permissions, allowing local users to create files/directories. This untrusted search path enables local code execution by placing malicious RASAPI32.DLL or MPRAPI.DLL in the MDa...

4.6CVSS7.7AI score0.00396EPSS
CVE
CVE
added 2000/11/29 5:0 a.m.54 views

CVE-2000-1021

CVE-2000-1021 describes a heap overflow in the WebConfig component of Mdaemon ≤ 3.1.1. The vulnerability allows remote attackers to cause a denial of service and potentially execute arbitrary commands by supplying a long URL. Exploitation details are not provided in the available documents. No re...

7.5CVSS8.2AI score0.03804EPSS
CVE
CVE
added 2001/07/27 4:0 a.m.54 views

CVE-2001-0583

CVE-2001-0583 affects Alt-N Technologies MDaemon 3.5.4. A remote attacker can cause a denial of service by issuing a request to a MS-DOS device endpoint (e.g., GET /aux) on the Worldclient service (port 3000) or the Webconfig service (port 3001). The available documents do not provide remediation...

5CVSS6.7AI score0.01614EPSS
CVE
CVE
added 2006/11/04 1:0 a.m.54 views

CVE-2006-5709

Technical details about CVE-2006-5709 are not publicly provided in the supplied documents. Monitor for updates; no affected products, exploit info, or remediation details are confirmed here.

10CVSS6.8AI score0.0152EPSS
CVE
CVE
added 2001/02/02 5:0 a.m.53 views

CVE-2001-0064

MDaemon IMAP Server DoS (CVE-2001-0064): The vulnerability affects MDaemon Webconfig/IMAP in versions up to 3.5.0 and earlier, where a remote attacker can crash the service by sending a long URL/argument terminated by a CRLF (LOGIN) string. OpenVAS/Nessus entries confirm remote DoS via long input...

5CVSS6.6AI score0.0186EPSS
CVE
CVE
added 2005/06/21 4:0 a.m.53 views

CVE-2002-1738

CVE-2002-1738 affects Alt-N Technologies MDaemon 5.0.5.0 and earlier. The issue is that a default MDaemon mail account is created with the password “MServer,” which could allow remote attackers to send anonymous email. The available sources describe the affected product and the default credential...

5CVSS7.3AI score0.01336EPSS
CVE
CVE
added 2005/06/21 4:0 a.m.53 views

CVE-2002-1740

The CVE-2002-1740 entry describes a buffer overflow in WorldClient.cgi (WorldClient) of Alt-N Technologies MDaemon

2.1CVSS7.8AI score0.01103EPSS
CVE
CVE
added 2005/10/25 4:0 a.m.53 views

CVE-2004-2504

The CVE affects Alt-N Technologies MDaemon (7.2 and earlier, including 6.8). The GUI creates new files by launching child processes (e.g., NOTEPAD.EXE) with SYSTEM privileges, enabling local users with physical access to escalate privileges. Root cause is the GUI spawning and executing external e...

7.2CVSS6.4AI score0.00484EPSS
CVE
CVE
added 2005/12/15 11:0 a.m.53 views

CVE-2005-4266

The CVE-2005-4266 issue affects Alt-N MDaemon/WorldClient (WorldClient.dll) where WorldClient 8.1.3 trusts a Session parameter containing a randomly generated session ID linked to a username. This enables remote attackers to impersonate other users by guessing or sniffing the session value. Conne...

7.5CVSS7.1AI score0.01317EPSS
CVE
CVE
added 2001/01/22 5:0 a.m.52 views

CVE-2000-0716

CVE-2000-0716 affects WorldClient email client in MDaemon 2.8. The session ID is included in the referer header of an HTTP request when the user clicks a URL, allowing the visited site to hijack the session ID and read the user’s email. Exploitation details are not provided in the documents, and ...

2.6CVSS6.7AI score0.011EPSS
CVE
CVE
added 2001/07/27 4:0 a.m.52 views

CVE-2001-0584

MDaemon IMAP Server DoS (CVE-2001-0584): The Affected product is Alt-N Technologies MDaemon IMAP Server, version around 3.5.6. The vulnerability is triggered by sending too long arguments to the SELECT or EXAMINE commands, causing the server to crash (denial of service) for remote clients. Root c...

2.1CVSS6.3AI score0.0093EPSS
CVE
CVE
added 2005/05/10 4:0 a.m.51 views

CVE-2003-1200

CVE-2003-1200 is a stack-based buffer overflow in Alt-N MDaemon’s WorldClient form2raw.cgi (FORM2RAW.exe). A long From parameter to Form2Raw.cgi can cause remote code execution. Affected products include MDaemon versions 6.5.2–6.8.5 with WorldClient HTTP server enabled; upgrade to 6.8.6 or remove...

7.5CVSS7.9AI score0.65097EPSS
Web
CVE
CVE
added 2007/07/09 4:0 p.m.49 views

CVE-2007-3622

CVE-2007-3622 affects Alt‑N Technologies MDaemon before 9.61, via the DomainPOP Mail Collection component. A malformed message may cause the server to crash, allowing a remote attacker to deny service to legitimate users (DoS). The issue is described as an unspecified vulnerability in DomainPOP; ...

2.6CVSS6.6AI score0.01399EPSS
CVE
CVE
added 2006/08/25 11:0 p.m.48 views

CVE-2006-4364

CVE-2006-4364 affects Alt-N Technologies’ MDaemon POP3 server prior to version 9.0.6. The vulnerability is due to multiple heap-based buffer overflows triggered by long strings containing '@' characters in the USER and APOP commands. Exploitation can cause a daemon crash (DoS) and may allow remot...

5CVSS7.9AI score0.54621EPSS
CVE
CVE
added 2007/10/24 11:0 p.m.47 views

CVE-2003-1470

The CVE concerns MDaemon IMAP Service with versions 6.7.5 and earlier. A buffer overflow is triggered in the IMAP CREATE command when a mailbox name is excessively long, allowing a remote authenticated user to crash the service and potentially execute arbitrary code. The descriptions consistently...

9CVSS7.7AI score0.04983EPSS
CVE
CVE
added 2006/11/04 1:0 a.m.47 views

CVE-2006-5708

MDaemon and WorldClient (Alt‑N Technologies MDaemon) before 9.50 are affected by CVE-2006-5708 due to multiple unspecified vulnerabilities that allow a denial of service via memory consumption leading to memory leaks. The issue affects MDaemon and WorldClient prior to version 9.50. Root cause vec...

7.5CVSS7.1AI score0.0101EPSS
CVE
CVE
added 2006/05/30 10:0 a.m.46 views

CVE-2006-2646

CVE-2006-2646 is a buffer overflow in Alt-N MDaemon (likely affected versions up to 9.0.1 and earlier) that allows remote attackers to execute arbitrary code. The overflow occurs via a long A0001 argument that begins with a double quote (""). The connected sources provide the same description acr...

7.5CVSS8AI score0.0455EPSS
CVE
CVE
added 2001/02/02 5:0 a.m.44 views

CVE-2001-0104

MDaemon Pro 3.5.1 and earlier have a local privilege bypass: a user can bypass the "lock server" security setting by pressing Cancel at the password prompt and then pressing Enter. The available documents confirm the affected product and UI-based trigger, but do not provide concrete mitigation st...

7.2CVSS7AI score0.00396EPSS
CVE
CVE
added 2003/03/18 5:0 a.m.44 views

CVE-2002-1539

CVE-2002-1539 affects MDaemon POP Server up to version 6.0.7. The vulnerability is a buffer overflow in handling long DELE and UIDL arguments, allowing a remote authenticated attacker to trigger a denial of service. The issue is evidenced by multiple sources (NVD description, Tenable Nessus entry...

5CVSS6.6AI score0.0321EPSS
CVE
CVE
added 2007/10/24 11:0 p.m.42 views

CVE-2003-1471

MDaemon POP server 6.0.7 and earlier is affected. The vulnerability allows remote authenticated users to cause a denial of service (crash) by issuing POP commands DELE or UIDL with a negative number. The connected documents confirm the affected product and the faulty commands but do not provide d...

6.3CVSS6.7AI score0.01101EPSS