CVE-1999-0844
published 1999-11-24CVE-1999-0844: Denial of service in MDaemon WorldClient and WebConfig services via a long URL.
PriorityP415medium5CVSS 2.0
AVNACLAuNCNINAP
EXPLOIT
EPSS
5.83%
92.2th percentile
Denial of service in MDaemon WorldClient and WebConfig services via a long URL.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| deerfield | mdaemon | — | — |
| deerfield | mdaemon | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
Alt-N WorldClient Pro 2.0.0.0/2.0.1.0/Standard 2.0.0.0 - Long URL Denial of Service
exploitdb·1999-11-26
CVE-1999-0844 Alt-N WorldClient Pro 2.0.0.0/2.0.1.0/Standard 2.0.0.0 - Long URL Denial of Service
Alt-N WorldClient Pro 2.0.0.0/2.0.1.0/Standard 2.0.0.0 - Long URL Denial of Service
---
source: https://www.securityfocus.com/bid/823/info
Alt-N's WorldClient is an email webserver that allows it's users to retrieve email via HTTP. It is susceptible to denial of service attacks due to an unchecked buffer in the request handler. Supplying a long url will crash the server.
http ://target.host:2000/[long string]
Exploit-DB
Alt-N MDaemon 2.8.5 - WebConfig Overflow Denial of Service
exploitdb·1999-11-24
CVE-1999-0844 Alt-N MDaemon 2.8.5 - WebConfig Overflow Denial of Service
Alt-N MDaemon 2.8.5 - WebConfig Overflow Denial of Service
---
source: https://www.securityfocus.com/bid/820/info
The Mdaemon mail server for Windows includes a small web server for web-based remote administration. This webserver is vulnerable due to an unchecked buffer that handles incoming GET requests. An abnormally large URL sent to the WebConfig service at port 2002 will crash the service.
https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/19639-1.zip
https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/19639-2.exe
No writeups or analysis indexed.
1999-11-24
Published