Unrated severityNVD Advisory· Published Nov 17, 2006· Updated Apr 23, 2026

CVE-2006-5968

Description

MDaemon 9.0.5, 9.0.6, 9.51, and 9.53, and possibly other versions, installs the MDaemon application folder with insecure permissions (Users create files/directories), which allows local users to execute arbitrary code by creating malicious RASAPI32.DLL or MPRAPI.DLL libraries in the MDaemon\APP folder, which is an untrusted search path element due to insecure permissions.

Affected products

Alt N/Mdaemon4 versions
cpe:2.3:a:alt-n:mdaemon:9.0.5:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:a:alt-n:mdaemon:9.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:alt-n:mdaemon:9.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:alt-n:mdaemon:9.51:*:*:*:*:*:*:*
- cpe:2.3:a:alt-n:mdaemon:9.53:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/secunia_research/2006-67/advisory/nvdVendor Advisory
secunia.com/advisories/21554nvd
securityreason.com/securityalert/1890nvd
securitytracker.com/idnvd
www.securityfocus.com/archive/1/451821/100/100/threadednvd
www.vupen.com/english/advisories/2006/4538nvd
exchange.xforce.ibmcloud.com/vulnerabilities/30331nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000