CVSS: 5.0EPSS: 22%CPEs: 47EXPL: 4CVE-2006-4364 – MDaemon POP3 Server < 9.06 - 'USER' Remote Buffer Overflow (PoC)
https://notcve.org/view.php?id=CVE-2006-4364
Multiple heap-based buffer overflows in the POP3 server in Alt-N Technologies MDaemon before 9.0.6 allow remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via long strings that contain '@' characters in the (1) USER and (2) APOP commands. Múltiples desbordamientos de búfer en el servidor POP3 de Alt-N Technologies MDaemon anterior a 9.0.6 permiten a atacantes remotos provocar una denegación de servicio (caída del demonio) y posiblemente ejecutar código de su elección mediante cadenas largas que contienen caracteres '@' en los comandos (1) USER y (2) APOP. • https://www.exploit-db.com/exploits/2245 https://www.exploit-db.com/exploits/2258 http://files.altn.com/MDaemon/Release/RelNotes_en.txt http://secunia.com/advisories/21595 http://securityreason.com/securityalert/1446 http://securitytracker.com/id?1016729 http://www.infigo.hr/en/in_focus/advisories/INFIGO-2006-08-04 http://www.osvdb.org/28125 http://www.securityfocus.com/archive/1/444015/100/0/threaded http://www.securityfocus.com/bid/19651 http://www.vupen.com/ •
CVSS: 7.5EPSS: 2%CPEs: 42EXPL: 3CVE-2006-2646 – Alt-N MDaemon 2-8 - IMAP Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-2006-2646
Buffer overflow in Alt-N MDaemon, possibly 9.0.1 and earlier, allows remote attackers to execute arbitrary code via a long A0001 argument that begins with a '"' (double quote). Desbordamiento de búfer en Alt-N MDaemon, posiblemente 9.0.1 y versiones anteriores, permite a atacantes remotos ejecutar código arbitrario a través de un argumento A0001 largo que comienza con un '"' (comillas dobles). • https://www.exploit-db.com/exploits/27914 http://marc.info/?l=full-disclosure&m=114882270912151&w=2 http://securitytracker.com/id?1016167 http://www.securityfocus.com/bid/18129 •
CVSS: 7.2EPSS: 0%CPEs: 7EXPL: 3CVE-2004-2504
https://notcve.org/view.php?id=CVE-2004-2504
The GUI in Alt-N Technologies MDaemon 7.2 and earlier, including 6.8, executes child processes such as NOTEPAD.EXE with SYSTEM privileges when users create new files, which allows local users with physical access to gain privileges. • http://archives.neohapsis.com/archives/bugtraq/2004-11/0385.html http://archives.neohapsis.com/archives/fulldisclosure/2004-11/1324.html http://archives.neohapsis.com/archives/fulldisclosure/2004-11/1353.html http://secunia.com/advisories/13225 http://securitytracker.com/id?1012350 http://www.osvdb.org/12158 http://www.securityfocus.com/bid/11736 https://exchange.xforce.ibmcloud.com/vulnerabilities/18287 •