vendor: Mail Server for Windows
by: SecurityFocus
CVSS: 7.5 (HIGH)
Buffer Overflow
CWE: 119
Product Name: Mail Server for Windows
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: No
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows
2002
MDaemon mail server for Windows Buffer Overflow Vulnerability
The MDaemon mail server for Windows includes a small web server for web-based remote administration. This web server is vulnerable because of an unchecked buffer that handles incoming GET requests. An abnormally large URL sent to the WebConfig service at port 2002 will crash the service.
Mitigation:
Ensure that the WebConfig service is not exposed to the public internet and that all requests are properly validated.