MDaemon.Remote.PreAuthentication.IMAP.Buffer.Overflow
Description
This indicates a possible attempt to exploit a vulnerability in Alt-N MDaemon IMAP Server.
The vulnerability is caused by an error when the vulnerable software handles a long A0001 argument that begins with a '"' (double quote). It allows a remote attacker to execute arbitrary code.
Affected Products
Alt-N, MDaemon, 9.0.1
Alt-N, MDaemon, 8.1.4
Alt-N, MDaemon, 8.1.3
Alt-N, MDaemon, 8.1.1
Alt-N, MDaemon, 7.2
Alt-N, MDaemon, 6.8.5
Alt-N, MDaemon, 6.8.4
Alt-N, MDaemon, 6.8.3
Alt-N, MDaemon, 6.8.2
Alt-N, MDaemon, 6.8.1
Alt-N, MDaemon, 6.8.0
Alt-N, MDaemon, 6.7.9
Alt-N, MDaemon, 6.7.5
Alt-N, MDaemon, 6.5.2
Alt-N, MDaemon, 6.5.1
Alt-N, MDaemon, 6.5.0
Alt-N, MDaemon, 6.0.7
Alt-N, MDaemon, 6.0.6
Alt-N, MDaemon, 6.0.5
Alt-N, MDaemon, 6.0
Alt-N, MDaemon, 5.0.7
Alt-N, MDaemon, 5.0.6
Alt-N, MDaemon, 5.0.5
Alt-N, MDaemon, 5.0.4
Alt-N, MDaemon, 5.0.3
Alt-N, MDaemon, 5.0.2
Alt-N, MDaemon, 5.0.1
Alt-N, MDaemon, 5.0
Alt-N, MDaemon, 5.0, Professional Edition
Alt-N, MDaemon, 3.5.6
Alt-N, MDaemon, 3.5.4, Standard
Alt-N, MDaemon, 3.5.4, Professional Edition
Alt-N, MDaemon, 3.5.4
Alt-N, MDaemon, 3.5.1
Alt-N, MDaemon, 3.5.0
Alt-N, MDaemon, 3.1 Beta
Alt-N, MDaemon, 3.1.2
Alt-N, MDaemon, 3.1.1
Alt-N, MDaemon, 3.0.4
Alt-N, MDaemon, 3.0.3
Alt-N, MDaemon, 2.8.5.0
Alt-N, MDaemon, 2.8
Impact
System compromise, remote code execution.
Recommended Actions
Currently we are not aware of any official supplied fix for this issue.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2020-12-11 | 16.978 |