Page 4 of 38 results (0.007 seconds)

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0

WorldClient.dll in Alt-N MDaemon and WorldClient 8.1.3 trusts a Session parameter that contains a randomly generated session ID that is associated with a username, which allows remote attackers to perform actions as other users by guessing or sniffing the random value. • http://secunia.com/advisories/17990 http://www.ipomonis.com/advisories/mdaemon.zip •

CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 3

WorldClient webmail in Alt-N MDaemon 8.1.3 allows remote attackers to prevent arbitrary users from accessing their inboxes via script tags in the Subject header of an e-mail message, which prevents the user from being able to access the Inbox folder, possibly due to a cross-site scripting (XSS) vulnerability. • https://www.exploit-db.com/exploits/26779 http://secunia.com/advisories/17990 http://www.ipomonis.com/advisories/mdaemon.zip http://www.securityfocus.com/bid/15815 https://exchange.xforce.ibmcloud.com/vulnerabilities/23551 • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 5.0EPSS: 85%CPEs: 1EXPL: 4

Multiple buffer overflows in MDaemon 6.5.1 allow remote attackers to cause a denial of service (application crash) via a long (1) SAML, SOML, SEND, or MAIL command to the SMTP server or (2) LIST command to the IMAP server. • https://www.exploit-db.com/exploits/473 https://www.exploit-db.com/exploits/24624 http://lists.grok.org.uk/pipermail/full-disclosure/2004-September/026770.html http://marc.info/?l=bugtraq&m=109591179510781&w=2 http://www.osvdb.org/10223 http://www.osvdb.org/10224 http://www.securityfocus.com/bid/11238 http://www.securitylab.ru/48146.html https://exchange.xforce.ibmcloud.com/vulnerabilities/17476 https://exchange.xforce.ibmcloud.com/vulnerabilities/17477 •

CVSS: 5.0EPSS: 0%CPEs: 27EXPL: 2

Buffer overflow in Alt-N MDaemon 7.0.1 allows remote attackers to cause a denial of service (application crash) via a long STATUS command to the IMAP server. • http://archives.neohapsis.com/archives/fulldisclosure/2004-05/0527.html http://www.securityfocus.com/bid/10366 https://exchange.xforce.ibmcloud.com/vulnerabilities/16118 •

CVSS: 7.2EPSS: 0%CPEs: 7EXPL: 3

The GUI in Alt-N Technologies MDaemon 7.2 and earlier, including 6.8, executes child processes such as NOTEPAD.EXE with SYSTEM privileges when users create new files, which allows local users with physical access to gain privileges. • http://archives.neohapsis.com/archives/bugtraq/2004-11/0385.html http://archives.neohapsis.com/archives/fulldisclosure/2004-11/1324.html http://archives.neohapsis.com/archives/fulldisclosure/2004-11/1353.html http://secunia.com/advisories/13225 http://securitytracker.com/id?1012350 http://www.osvdb.org/12158 http://www.securityfocus.com/bid/11736 https://exchange.xforce.ibmcloud.com/vulnerabilities/18287 •