header-logo
Suggest Exploit
vendor:
MDaemon Server
by:
SecurityFocus
7.5
CVSS
HIGH
Directory Traversal
22
CWE
Product Name: MDaemon Server
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: N/A
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2005

MDaemon Server Directory Traversal Vulnerability

MDaemon server is prone to a directory traversal vulnerability due to improper sanitization of user input. Failure to sanitize the filename and path may result in compromise of the file system outside of the application's quarantine directory. The following email attachment filename example was provided: '../../../../../file.exe'

Mitigation:

Ensure that user input is properly sanitized before being used in file system operations.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/14400/info

MDaemon server is prone to a directory traversal vulnerability due to improper sanitization of user input.

Failure to sanitize the filename and path may result in compromise of the file system outside of the application's quarantine directory. 

The following email attachment filename example was provided:

'../../../../../file.exe'

Navigation

Suggest Exploit

Services By CQR