Vulnerabilities > ALT N
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2006-08-26 | CVE-2006-4370 | Privilege Escalation vulnerability in Alt-N Webadmin 3.2.3/3.2.4 Alt-N WebAdmin 3.2.3 and 3.2.4 running with MDaemon 9.0.5, and possibly earlier, allow remote authenticated domain administrators to change a global administrator's password and gain privileges via the userlist.wdm file. | 7.5 |
| 2006-05-30 | CVE-2006-2646 | Remote Pre-Authentication IMAP Buffer Overflow vulnerability in Alt-N MDaemon Buffer overflow in Alt-N MDaemon, possibly 9.0.1 and earlier, allows remote attackers to execute arbitrary code via a long A0001 argument that begins with a '"' (double quote). | 7.5 |
| 2006-02-28 | CVE-2006-0925 | Remote Format String vulnerability in Alt-N MDaemon IMAP Server Format string vulnerability in the IMAP4rev1 server in Alt-N MDaemon 8.1.1 and possibly 8.1.4 allows remote attackers to cause a denial of service (CPU consumption) by creating and then listing folders whose names contain format string specifiers. | 5.0 |
| 2005-12-15 | CVE-2005-4266 | Remote Security vulnerability in Mdaemon WorldClient.dll in Alt-N MDaemon and WorldClient 8.1.3 trusts a Session parameter that contains a randomly generated session ID that is associated with a username, which allows remote attackers to perform actions as other users by guessing or sniffing the random value. | 7.5 |
| 2005-12-13 | CVE-2005-4209 | Code Injection vulnerability in Alt-N Mdaemon and Worldclient WorldClient webmail in Alt-N MDaemon 8.1.3 allows remote attackers to prevent arbitrary users from accessing their inboxes via script tags in the Subject header of an e-mail message, which prevents the user from being able to access the Inbox folder, possibly due to a cross-site scripting (XSS) vulnerability. | 4.3 |
| 2005-01-28 | CVE-2005-0319 | Remote vulnerability in Alt-N Webadmin 3.0.3 Direct remote injection vulnerability in modalfram.wdm in Alt-N WebAdmin 3.0.4 allows remote attackers to load external webpages that appear to come from the WebAdmin server, which allows remote attackers to inject arbitrary HTML or web script to facilitate cross-site scripting (XSS) and phishing attacks. network alt-n | 4.3 |
| 2005-01-28 | CVE-2005-0318 | Remote vulnerability in Alt-N Webadmin 3.0.2 useredit_account.wdm in Alt-N WebAdmin 3.0.4 does not properly validate account edits by the logged in user, which allows remote authenticated users to edit other users' account information via a modified user parameter. | 2.1 |
| 2005-01-28 | CVE-2005-0317 | Remote vulnerability in Alt-N Webadmin 3.0.2 Cross-site scripting (XSS) vulnerability in useredit_account.wdm in Alt-N WebAdmin 3.0.4 allows remote attackers to inject arbitrary web script or HTML via the user parameter. network alt-n | 4.3 |
| 2004-12-31 | CVE-2004-2504 | Local Privilege Escalation vulnerability in Alt-N MDaemon The GUI in Alt-N Technologies MDaemon 7.2 and earlier, including 6.8, executes child processes such as NOTEPAD.EXE with SYSTEM privileges when users create new files, which allows local users with physical access to gain privileges. | 7.2 |
| 2004-12-31 | CVE-2004-2292 | Remote Status Command Buffer Overflow vulnerability in Alt-N MDaemon Buffer overflow in Alt-N MDaemon 7.0.1 allows remote attackers to cause a denial of service (application crash) via a long STATUS command to the IMAP server. | 5.0 |