VYPR

Mdaemon

by Alt N

CVEs (42)

  • CVE-2006-5708HigNov 4, 2006
    risk 0.49cvss 7.5epss 0.01

    Multiple unspecified vulnerabilities in MDaemon and WorldClient in Alt-N Technologies MDaemon before 9.50 allow attackers to cause a denial of service (memory consumption) via unspecified vectors resulting in memory leaks.

  • CVE-2002-1739MedDec 31, 2002
    risk 0.36cvss 5.5epss 0.00

    Alt-N Technologies Mdaemon 5.0 through 5.0.6 uses a weak encryption algorithm to store user passwords, which allows local users to crack passwords.

  • CVE-2008-1358Mar 17, 2008
    risk 0.08cvss epss 0.57

    Stack-based buffer overflow in the IMAP server in Alt-N Technologies MDaemon 9.6.4 allows remote authenticated users to execute arbitrary code via a FETCH command with a long BODY.

  • CVE-2003-1200Dec 29, 2003
    risk 0.08cvss epss 0.65

    Stack-based buffer overflow in FORM2RAW.exe in Alt-N MDaemon 6.5.2 through 6.8.5 allows remote attackers to execute arbitrary code via a long From parameter to Form2Raw.cgi.

  • CVE-2006-4364Aug 27, 2006
    risk 0.07cvss epss 0.55

    Multiple heap-based buffer overflows in the POP3 server in Alt-N Technologies MDaemon before 9.0.6 allow remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via long strings that contain '@' characters in the (1) USER and (2) APOP…

  • CVE-2008-2631Jun 10, 2008
    risk 0.05cvss epss 0.23

    The WordClient interface in Alt-N Technologies MDaemon 9.6.5 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted HTTP POST request. NOTE: the provenance of this information is unknown; the details are obtained…

  • CVE-2004-1546Dec 31, 2004
    risk 0.05cvss epss 0.31

    Multiple buffer overflows in MDaemon 6.5.1 allow remote attackers to cause a denial of service (application crash) via a long (1) SAML, SOML, SEND, or MAIL command to the SMTP server or (2) LIST command to the IMAP server.

  • CVE-2020-18724Feb 3, 2021
    risk 0.03cvss epss 0.03

    Authenticated stored cross-site scripting (XSS) in the contact name field in the distribution list of MDaemon webmail 19.5.5 allows an attacker to executes code and perform a XSS attack while opening a contact list.

  • CVE-2012-2584Aug 12, 2012
    risk 0.03cvss epss 0.03

    Multiple cross-site scripting (XSS) vulnerabilities in Alt-N MDaemon Free 12.5.4 allow remote attackers to inject arbitrary web script or HTML via an e-mail message body with (1) the Cascading Style Sheets (CSS) expression property in conjunction with a CSS comment within the…

  • CVE-2006-2646May 30, 2006
    risk 0.03cvss epss 0.05

    Buffer overflow in Alt-N MDaemon, possibly 9.0.1 and earlier, allows remote attackers to execute arbitrary code via a long A0001 argument that begins with a '"' (double quote).

  • CVE-2006-0925Feb 28, 2006
    risk 0.03cvss epss 0.03

    Format string vulnerability in the IMAP4rev1 server in Alt-N MDaemon 8.1.1 and possibly 8.1.4 allows remote attackers to cause a denial of service (CPU consumption) by creating and then listing folders whose names contain format string specifiers.

  • CVE-2005-4209Dec 13, 2005
    risk 0.03cvss epss 0.02

    WorldClient webmail in Alt-N MDaemon 8.1.3 allows remote attackers to prevent arbitrary users from accessing their inboxes via script tags in the Subject header of an e-mail message, which prevents the user from being able to access the Inbox folder, possibly due to a cross-site…

  • CVE-2002-1539Mar 31, 2003
    risk 0.03cvss epss 0.03

    Buffer overflow in MDaemon POP server 6.0.7 and earlier allows remote authenticated users to cause a denial of service via long (1) DELE or (2) UIDL arguments.

  • CVE-2002-1741Dec 31, 2002
    risk 0.03cvss epss 0.01

    Directory traversal vulnerability in WorldClient.cgi in WorldClient for Alt-N Technologies MDaemon 5.0.5.0 and earlier allows local users to delete arbitrary files via a ".." (dot dot) in the Attachments parameter.

  • CVE-2002-1740Dec 31, 2002
    risk 0.03cvss epss 0.01

    Buffer overflow in WorldClient.cgi in WorldClient in Alt-N Technologies MDaemon 5.0.5.0 and earlier allows local users to execute arbitrary code via a long folder name (NewFolder parameter).

  • CVE-2001-0584Aug 22, 2001
    risk 0.03cvss epss 0.01

    IMAP server in Alt-N Technologies MDaemon 3.5.6 allows a local user to cause a denial of service (hang) via long (1) SELECT or (2) EXAMINE commands.

  • CVE-2000-1021Dec 11, 2000
    risk 0.03cvss epss 0.04

    Heap overflow in WebConfig in Mdaemon 3.1.1 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long URL.

  • CVE-2000-0501Jun 16, 2000
    risk 0.03cvss epss 0.04

    Race condition in MDaemon 2.8.5.0 POP server allows local users to cause a denial of service by entering a UIDL command and quickly exiting the server.

  • CVE-1999-0844Nov 24, 1999
    risk 0.03cvss epss 0.06

    Denial of service in MDaemon WorldClient and WebConfig services via a long URL.

  • CVE-2004-2292Dec 31, 2004
    risk 0.01cvss epss 0.12

    Buffer overflow in Alt-N MDaemon 7.0.1 allows remote attackers to cause a denial of service (application crash) via a long STATUS command to the IMAP server.

Page 1 of 3