Published: 17/03/2008 Updated: 29/09/2017

CVSS v2 Base Score: 6.5 | Impact Score: 6.4 | Exploitability Score: 8

VMScore: 660

Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P

Stack-based buffer overflow in the IMAP server in Alt-N Technologies MDaemon 9.6.4 allows remote authenticated users to execute arbitrary code via a FETCH command with a long BODY.

Vulnerable Product	Search on Vulmon	Subscribe to Product
altn mdaemon 9.6.4

## # $Id: mdaemon_fetchrb 9525 2010-06-15 07:18:08Z jduck $ ## ## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions Please see the Metasploit # Framework web site for more information on licensing and terms of use # metasploitcom/framework/ ## require 'msf/core' class Me ...

#!/usr/bin/python ############################################################################### # # MDAEMON (POST AUTH) REMOTE R00T IMAP FETCH COMMAND UNIVERSAL EXPLOIT 0day # Bug discovered and coded by Matteo Memelli aka ryujin # wwwgray-worldnet wwwbe4mindcom # # Affected Versions : MDaemon IMAP server v964 # Tested on OS ...

CWE-119 http://www.be4mind.com/?q=node/256 http://files.altn.com/MDaemon/Release/RelNotes_en.txt http://www.securityfocus.com/bid/28245 http://secunia.com/advisories/29382 http://www.securitytracker.com/id?1019615 http://www.vupen.com/english/advisories/2008/0877/references https://exchange.xforce.ibmcloud.com/vulnerabilities/41195 https://www.exploit-db.com/exploits/5248 https://nvd.nist.gov https://www.exploit-db.com/exploits/16482/

CVE-2008-1358

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect