Alt-N MDaemon 2.8.5 - WebConfig Overflow Denial of Service

EDB-ID:

19639


Author:

Ussr Labs

Type:

dos


Platform:

Windows

Date:

1999-11-24


source: https://www.securityfocus.com/bid/820/info

The Mdaemon mail server for Windows includes a small web server for web-based remote administration. This webserver is vulnerable due to an unchecked buffer that handles incoming GET requests. An abnormally large URL sent to the WebConfig service at port 2002 will crash the service.

https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/19639-1.zip

https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/19639-2.exe