Vulnerabilities > ALT N > Mdaemon > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2009-08-13 | CVE-2008-6967 | Unspecified vulnerability in Alt-N Mdaemon and Worldclient Multiple unspecified vulnerabilities in WorldClient in Alt-N MDaemon before 10.02 have unknown impact and attack vectors, probably related to cross-site scripting (XSS) and WorldClient DLL 10.0.1, a different vulnerability than CVE-2008-6893. | 5.0 |
| 2006-11-17 | CVE-2006-5968 | Local Security vulnerability in Mdaemon MDaemon 9.0.5, 9.0.6, 9.51, and 9.53, and possibly other versions, installs the MDaemon application folder with insecure permissions (Users create files/directories), which allows local users to execute arbitrary code by creating malicious RASAPI32.DLL or MPRAPI.DLL libraries in the MDaemon\APP folder, which is an untrusted search path element due to insecure permissions. | 4.6 |
| 2006-11-04 | CVE-2006-5708 | Denial-Of-Service vulnerability in Mdaemon Multiple unspecified vulnerabilities in MDaemon and WorldClient in Alt-N Technologies MDaemon before 9.50 allow attackers to cause a denial of service (memory consumption) via unspecified vectors resulting in memory leaks. | 5.0 |
| 2006-08-27 | CVE-2006-4364 | Remote Pre-Authentication POP3 Buffer Overflow vulnerability in Alt-N MDaemon Multiple heap-based buffer overflows in the POP3 server in Alt-N Technologies MDaemon before 9.0.6 allow remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via long strings that contain '@' characters in the (1) USER and (2) APOP commands. | 5.0 |
| 2006-02-28 | CVE-2006-0925 | Remote Format String vulnerability in Alt-N MDaemon IMAP Server Format string vulnerability in the IMAP4rev1 server in Alt-N MDaemon 8.1.1 and possibly 8.1.4 allows remote attackers to cause a denial of service (CPU consumption) by creating and then listing folders whose names contain format string specifiers. | 5.0 |
| 2005-12-13 | CVE-2005-4209 | Code Injection vulnerability in Alt-N Mdaemon and Worldclient WorldClient webmail in Alt-N MDaemon 8.1.3 allows remote attackers to prevent arbitrary users from accessing their inboxes via script tags in the Subject header of an e-mail message, which prevents the user from being able to access the Inbox folder, possibly due to a cross-site scripting (XSS) vulnerability. | 4.3 |
| 2004-12-31 | CVE-2004-2292 | Remote Status Command Buffer Overflow vulnerability in Alt-N MDaemon Buffer overflow in Alt-N MDaemon 7.0.1 allows remote attackers to cause a denial of service (application crash) via a long STATUS command to the IMAP server. | 5.0 |
| 2004-12-31 | CVE-2004-1546 | Remote Buffer Overflow vulnerability in Alt-N Mdaemon 6.5.1 Multiple buffer overflows in MDaemon 6.5.1 allow remote attackers to cause a denial of service (application crash) via a long (1) SAML, SOML, SEND, or MAIL command to the SMTP server or (2) LIST command to the IMAP server. | 5.0 |
| 2003-12-31 | CVE-2003-1471 | Improper Input Validation vulnerability in Alt-N Mdaemon MDaemon POP server 6.0.7 and earlier allows remote authenticated users to cause a denial of service (crash) via a (1) DELE or (2) UIDL with a negative number. | 6.3 |
| 2003-03-31 | CVE-2002-1539 | Buffer Overflow vulnerability in Alt-N MDaemon POP Server Buffer overflow in MDaemon POP server 6.0.7 and earlier allows remote authenticated users to cause a denial of service via long (1) DELE or (2) UIDL arguments. | 5.0 |