Alt-N Mdaemon vulnerabilities
27 known vulnerabilities affecting alt-n/mdaemon.
Total CVEs
27
CISA KEV
0
Public exploits
11
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH8MEDIUM13LOW5
Vulnerabilities
Page 2 of 2
CVE-2001-0583P4MEDIUMCVSS 5.0v3.5.42001-08-22
CVE-2001-0583 [MEDIUM] CVE-2001-0583: Alt-N Technologies MDaemon 3.5.4 allows a remote attacker to create a denial of service via the URL
Alt-N Technologies MDaemon 3.5.4 allows a remote attacker to create a denial of service via the URL request of a MS-DOS device (such as GET /aux) to (1) the Worldclient service at port 3000, or (2) the Webconfig service at port 3001.
nvd
CVE-2000-0399P4MEDIUMCVSS 5.0v3.0.3v3.1_beta2000-05-24
CVE-2000-0399 [MEDIUM] CVE-2000-0399: Buffer overflow in MDaemon POP server allows remote attackers to cause a denial of service via a lon
Buffer overflow in MDaemon POP server allows remote attackers to cause a denial of service via a long user name.
nvd
CVE-2001-0064P4MEDIUMCVSS 5.0v3.5.02001-02-12
CVE-2001-0064 [MEDIUM] CVE-2001-0064: Webconfig, IMAP, and other services in MDaemon 3.5.0 and earlier allows remote attackers to cause a
Webconfig, IMAP, and other services in MDaemon 3.5.0 and earlier allows remote attackers to cause a denial of service via a long URL terminated by a "\r\n" string.
nvd
CVE-2003-1471P4MEDIUMCVSS 6.3≤ 6.0.72003-12-31
CVE-2003-1471 [MEDIUM] CWE-20 CVE-2003-1471: MDaemon POP server 6.0.7 and earlier allows remote authenticated users to cause a denial of service
MDaemon POP server 6.0.7 and earlier allows remote authenticated users to cause a denial of service (crash) via a (1) DELE or (2) UIDL with a negative number.
nvd
CVE-2006-5968P4MEDIUMCVSS 4.6v9.0.5v9.0.6+2 more2006-11-17
CVE-2006-5968 [MEDIUM] CVE-2006-5968: MDaemon 9.0.5, 9.0.6, 9.51, and 9.53, and possibly other versions, installs the MDaemon application
MDaemon 9.0.5, 9.0.6, 9.51, and 9.53, and possibly other versions, installs the MDaemon application folder with insecure permissions (Users create files/directories), which allows local users to execute arbitrary code by creating malicious RASAPI32.DLL or MPRAPI.DLL libraries in the MDaemon\APP folder, which is an untrusted search path element due to insecure
nvd
CVE-2007-3622P4LOWCVSS 2.6≤ 9.602007-07-09
CVE-2007-3622 [LOW] CVE-2007-3622: Unspecified vulnerability in DomainPOP in Alt-N Technologies MDaemon before 9.61 allows remote attac
Unspecified vulnerability in DomainPOP in Alt-N Technologies MDaemon before 9.61 allows remote attackers to cause a denial of service (crash) via malformed messages.
nvd
CVE-2000-0716P4LOWCVSS 2.6v2.82000-10-20
CVE-2000-0716 [LOW] CVE-2000-0716: WorldClient email client in MDaemon 2.8 includes the session ID in the referer field of an HTTP requ
WorldClient email client in MDaemon 2.8 includes the session ID in the referer field of an HTTP request when the user clicks on a URL, which allows the visited web site to hijack the session ID and read the user's email.
nvd
← Previous2 / 2