CVE-2006-4364

MDaemon POP3 Server < 9.06 - 'USER' Remote Buffer Overflow (PoC)

Severity Score

5.0

*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

Multiple heap-based buffer overflows in the POP3 server in Alt-N Technologies MDaemon before 9.0.6 allow remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via long strings that contain '@' characters in the (1) USER and (2) APOP commands.

Múltiples desbordamientos de búfer en el servidor POP3 de Alt-N Technologies MDaemon anterior a 9.0.6 permiten a atacantes remotos provocar una denegación de servicio (caída del demonio) y posiblemente ejecutar código de su elección mediante cadenas largas que contienen caracteres '@' en los comandos (1) USER y (2) APOP.

*Credits: N/A

CVSS Scores

NISTv2 5.0

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

None

Integrity

None

Availability

Partial

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2006-08-25 CVE Reserved
2006-08-25 CVE Published
2006-08-26 First Exploit
2023-05-22 EPSS Updated
2024-08-07 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date

CWE

CAPEC

References (12)

URL	Tag	Source
http://files.altn.com/MDaemon/Release/RelNotes_en.txt	X_refsource_confirm
http://securityreason.com/securityalert/1446	Third Party Advisory
http://securitytracker.com/id?1016729	Vdb Entry
http://www.osvdb.org/28125	Vdb Entry
http://www.securityfocus.com/archive/1/444015/100/0/threaded	Mailing List
http://www.vupen.com/english/advisories/2006/3361	Vdb Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/28517	Vdb Entry

URL	Date	SRC
https://www.exploit-db.com/exploits/2245	2024-08-07
https://www.exploit-db.com/exploits/2258	2006-08-26
http://www.infigo.hr/en/in_focus/advisories/INFIGO-2006-08-04	2024-08-07
http://www.securityfocus.com/bid/19651	2024-08-07

URL	Date	SRC
http://secunia.com/advisories/21595	2018-10-17

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Alt-n Search vendor "Alt-n"		Mdaemon Search vendor "Alt-n" for product "Mdaemon"				2.8 Search vendor "Alt-n" for product "Mdaemon" and version "2.8"		-		Affected
Alt-n Search vendor "Alt-n"		Mdaemon Search vendor "Alt-n" for product "Mdaemon"				2.8.5.0 Search vendor "Alt-n" for product "Mdaemon" and version "2.8.5.0"		-		Affected
Alt-n Search vendor "Alt-n"		Mdaemon Search vendor "Alt-n" for product "Mdaemon"				2.71_sp1 Search vendor "Alt-n" for product "Mdaemon" and version "2.71_sp1"		-		Affected
Alt-n Search vendor "Alt-n"		Mdaemon Search vendor "Alt-n" for product "Mdaemon"				3.0.3 Search vendor "Alt-n" for product "Mdaemon" and version "3.0.3"		-		Affected
Alt-n Search vendor "Alt-n"		Mdaemon Search vendor "Alt-n" for product "Mdaemon"				3.0.4 Search vendor "Alt-n" for product "Mdaemon" and version "3.0.4"		-		Affected
Alt-n Search vendor "Alt-n"		Mdaemon Search vendor "Alt-n" for product "Mdaemon"				3.1.1 Search vendor "Alt-n" for product "Mdaemon" and version "3.1.1"		-		Affected
Alt-n Search vendor "Alt-n"		Mdaemon Search vendor "Alt-n" for product "Mdaemon"				3.1.2 Search vendor "Alt-n" for product "Mdaemon" and version "3.1.2"		-		Affected
Alt-n Search vendor "Alt-n"		Mdaemon Search vendor "Alt-n" for product "Mdaemon"				3.1_beta Search vendor "Alt-n" for product "Mdaemon" and version "3.1_beta"		-		Affected
Alt-n Search vendor "Alt-n"		Mdaemon Search vendor "Alt-n" for product "Mdaemon"				3.5.0 Search vendor "Alt-n" for product "Mdaemon" and version "3.5.0"		-		Affected
Alt-n Search vendor "Alt-n"		Mdaemon Search vendor "Alt-n" for product "Mdaemon"				3.5.1 Search vendor "Alt-n" for product "Mdaemon" and version "3.5.1"		-		Affected
Alt-n Search vendor "Alt-n"		Mdaemon Search vendor "Alt-n" for product "Mdaemon"				3.5.4 Search vendor "Alt-n" for product "Mdaemon" and version "3.5.4"		-		Affected
Alt-n Search vendor "Alt-n"		Mdaemon Search vendor "Alt-n" for product "Mdaemon"				3.5.4 Search vendor "Alt-n" for product "Mdaemon" and version "3.5.4"		pro		Affected
Alt-n Search vendor "Alt-n"		Mdaemon Search vendor "Alt-n" for product "Mdaemon"				3.5.4 Search vendor "Alt-n" for product "Mdaemon" and version "3.5.4"		standard		Affected
Alt-n Search vendor "Alt-n"		Mdaemon Search vendor "Alt-n" for product "Mdaemon"				3.5.6 Search vendor "Alt-n" for product "Mdaemon" and version "3.5.6"		-		Affected
Alt-n Search vendor "Alt-n"		Mdaemon Search vendor "Alt-n" for product "Mdaemon"				5.0 Search vendor "Alt-n" for product "Mdaemon" and version "5.0"		-		Affected
Alt-n Search vendor "Alt-n"		Mdaemon Search vendor "Alt-n" for product "Mdaemon"				5.0 Search vendor "Alt-n" for product "Mdaemon" and version "5.0"		pro		Affected
Alt-n Search vendor "Alt-n"		Mdaemon Search vendor "Alt-n" for product "Mdaemon"				5.0.1 Search vendor "Alt-n" for product "Mdaemon" and version "5.0.1"		-		Affected
Alt-n Search vendor "Alt-n"		Mdaemon Search vendor "Alt-n" for product "Mdaemon"				5.0.2 Search vendor "Alt-n" for product "Mdaemon" and version "5.0.2"		-		Affected
Alt-n Search vendor "Alt-n"		Mdaemon Search vendor "Alt-n" for product "Mdaemon"				5.0.3 Search vendor "Alt-n" for product "Mdaemon" and version "5.0.3"		-		Affected
Alt-n Search vendor "Alt-n"		Mdaemon Search vendor "Alt-n" for product "Mdaemon"				5.0.4 Search vendor "Alt-n" for product "Mdaemon" and version "5.0.4"		-		Affected
Alt-n Search vendor "Alt-n"		Mdaemon Search vendor "Alt-n" for product "Mdaemon"				5.0.5 Search vendor "Alt-n" for product "Mdaemon" and version "5.0.5"		-		Affected
Alt-n Search vendor "Alt-n"		Mdaemon Search vendor "Alt-n" for product "Mdaemon"				5.0.6 Search vendor "Alt-n" for product "Mdaemon" and version "5.0.6"		-		Affected
Alt-n Search vendor "Alt-n"		Mdaemon Search vendor "Alt-n" for product "Mdaemon"				5.0.7 Search vendor "Alt-n" for product "Mdaemon" and version "5.0.7"		-		Affected
Alt-n Search vendor "Alt-n"		Mdaemon Search vendor "Alt-n" for product "Mdaemon"				6.0 Search vendor "Alt-n" for product "Mdaemon" and version "6.0"		-		Affected
Alt-n Search vendor "Alt-n"		Mdaemon Search vendor "Alt-n" for product "Mdaemon"				6.0.5 Search vendor "Alt-n" for product "Mdaemon" and version "6.0.5"		-		Affected
Alt-n Search vendor "Alt-n"		Mdaemon Search vendor "Alt-n" for product "Mdaemon"				6.0.6 Search vendor "Alt-n" for product "Mdaemon" and version "6.0.6"		-		Affected
Alt-n Search vendor "Alt-n"		Mdaemon Search vendor "Alt-n" for product "Mdaemon"				6.0.7 Search vendor "Alt-n" for product "Mdaemon" and version "6.0.7"		-		Affected
Alt-n Search vendor "Alt-n"		Mdaemon Search vendor "Alt-n" for product "Mdaemon"				6.5.0 Search vendor "Alt-n" for product "Mdaemon" and version "6.5.0"		-		Affected
Alt-n Search vendor "Alt-n"		Mdaemon Search vendor "Alt-n" for product "Mdaemon"				6.5.1 Search vendor "Alt-n" for product "Mdaemon" and version "6.5.1"		-		Affected
Alt-n Search vendor "Alt-n"		Mdaemon Search vendor "Alt-n" for product "Mdaemon"				6.5.2 Search vendor "Alt-n" for product "Mdaemon" and version "6.5.2"		-		Affected
Alt-n Search vendor "Alt-n"		Mdaemon Search vendor "Alt-n" for product "Mdaemon"				6.7.5 Search vendor "Alt-n" for product "Mdaemon" and version "6.7.5"		-		Affected
Alt-n Search vendor "Alt-n"		Mdaemon Search vendor "Alt-n" for product "Mdaemon"				6.7.9 Search vendor "Alt-n" for product "Mdaemon" and version "6.7.9"		-		Affected
Alt-n Search vendor "Alt-n"		Mdaemon Search vendor "Alt-n" for product "Mdaemon"				6.8.0 Search vendor "Alt-n" for product "Mdaemon" and version "6.8.0"		-		Affected
Alt-n Search vendor "Alt-n"		Mdaemon Search vendor "Alt-n" for product "Mdaemon"				6.8.1 Search vendor "Alt-n" for product "Mdaemon" and version "6.8.1"		-		Affected
Alt-n Search vendor "Alt-n"		Mdaemon Search vendor "Alt-n" for product "Mdaemon"				6.8.2 Search vendor "Alt-n" for product "Mdaemon" and version "6.8.2"		-		Affected
Alt-n Search vendor "Alt-n"		Mdaemon Search vendor "Alt-n" for product "Mdaemon"				6.8.3 Search vendor "Alt-n" for product "Mdaemon" and version "6.8.3"		-		Affected
Alt-n Search vendor "Alt-n"		Mdaemon Search vendor "Alt-n" for product "Mdaemon"				6.8.4 Search vendor "Alt-n" for product "Mdaemon" and version "6.8.4"		-		Affected
Alt-n Search vendor "Alt-n"		Mdaemon Search vendor "Alt-n" for product "Mdaemon"				6.8.5 Search vendor "Alt-n" for product "Mdaemon" and version "6.8.5"		-		Affected
Alt-n Search vendor "Alt-n"		Mdaemon Search vendor "Alt-n" for product "Mdaemon"				7.2 Search vendor "Alt-n" for product "Mdaemon" and version "7.2"		-		Affected
Alt-n Search vendor "Alt-n"		Mdaemon Search vendor "Alt-n" for product "Mdaemon"				8.1.1 Search vendor "Alt-n" for product "Mdaemon" and version "8.1.1"		-		Affected
Alt-n Search vendor "Alt-n"		Mdaemon Search vendor "Alt-n" for product "Mdaemon"				8.1.3 Search vendor "Alt-n" for product "Mdaemon" and version "8.1.3"		-		Affected
Alt-n Search vendor "Alt-n"		Mdaemon Search vendor "Alt-n" for product "Mdaemon"				8.1.4 Search vendor "Alt-n" for product "Mdaemon" and version "8.1.4"		-		Affected
Alt-n Search vendor "Alt-n"		Mdaemon Search vendor "Alt-n" for product "Mdaemon"				9.0.1 Search vendor "Alt-n" for product "Mdaemon" and version "9.0.1"		-		Affected
Alt-n Search vendor "Alt-n"		Mdaemon Search vendor "Alt-n" for product "Mdaemon"				9.0.2 Search vendor "Alt-n" for product "Mdaemon" and version "9.0.2"		-		Affected
Alt-n Search vendor "Alt-n"		Mdaemon Search vendor "Alt-n" for product "Mdaemon"				9.0.3 Search vendor "Alt-n" for product "Mdaemon" and version "9.0.3"		-		Affected
Alt-n Search vendor "Alt-n"		Mdaemon Search vendor "Alt-n" for product "Mdaemon"				9.0.4 Search vendor "Alt-n" for product "Mdaemon" and version "9.0.4"		-		Affected
Alt-n Search vendor "Alt-n"		Mdaemon Search vendor "Alt-n" for product "Mdaemon"				9.0.5 Search vendor "Alt-n" for product "Mdaemon" and version "9.0.5"		-		Affected