Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mdaemon vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2000-0716
WorldClient email client in MDaemon 2.8 includes the session ID in the referer field of an HTTP request when the user clicks on a URL, which allows the visited web site to hijack the session ID and read the user's email.
Alt-n Mdaemon 2.8
8.8
CVSSv3
CVE-2018-17792
MDaemon Webmail (formerly WorldClient) has CSRF.
Altn Mdaemon Webmail 14.0
NA
CVE-2003-1470
Buffer overflow in IMAP service in MDaemon 6.7.5 and previous versions allows remote authenticated users to cause a denial of service (crash) and execute arbitrary code via a CREATE command with a long mailbox name.
Alt-n Mdaemon 6.7.5
NA
CVE-2001-0583
Alt-N Technologies MDaemon 3.5.4 allows a remote malicious user to create a denial of service via the URL request of a MS-DOS device (such as GET /aux) to (1) the Worldclient service at port 3000, or (2) the Webconfig service at port 3001.
Alt-n Mdaemon 3.5.4
NA
CVE-2001-0584
IMAP server in Alt-N Technologies MDaemon 3.5.6 allows a local user to cause a denial of service (hang) via long (1) SELECT or (2) EXAMINE commands.
Alt-n Mdaemon 3.5.6
1 EDB exploit
NA
CVE-2000-1020
Heap overflow in Worldclient in Mdaemon 3.1.1 and previous versions allows remote malicious users to cause a denial of service and possibly execute arbitrary commands via a long URL.
Alt-n Mdaemon 3.1.1
NA
CVE-2004-1546
Multiple buffer overflows in MDaemon 6.5.1 allow remote malicious users to cause a denial of service (application crash) via a long (1) SAML, SOML, SEND, or MAIL command to the SMTP server or (2) LIST command to the IMAP server.
Alt-n Mdaemon 6.5.1
2 EDB exploits
NA
CVE-2000-1021
Heap overflow in WebConfig in Mdaemon 3.1.1 and previous versions allows remote malicious users to cause a denial of service and possibly execute arbitrary commands via a long URL.
Alt-n Mdaemon 3.1.1
1 EDB exploit
NA
CVE-2001-0064
Webconfig, IMAP, and other services in MDaemon 3.5.0 and previous versions allows remote malicious users to cause a denial of service via a long URL terminated by a "\r\n" string.
Alt-n Mdaemon 3.5.0
NA
CVE-2001-0104
MDaemon Pro 3.5.1 and previous versions allows local users to bypass the "lock server" security setting by pressing the Cancel button at the password prompt, then pressing the enter key.
Alt-n Mdaemon 3.5.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4946
CVE-2024-30309
CVE-2024-4761
CVE-2024-30051
type confusion
memory leak
CVE-2024-30293
reflected XSS
CVE-2024-3126
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »