MDaemon 8.0 - Content Filter Directory Traversal

EDB-ID:

26044

CVE:

EDB Verified:

Author:

Tan Chew Keong

Type:

remote

Exploit: /

Platform:

Windows

Date:

2005-07-27

Vulnerable App:

source: https://www.securityfocus.com/bid/14400/info

MDaemon server is prone to a directory traversal vulnerability due to improper sanitization of user input.

Failure to sanitize the filename and path may result in compromise of the file system outside of the application's quarantine directory. 

The following email attachment filename example was provided:

'../../../../../file.exe'

Tags:

Advisory/Source: Link

Databases	Links	Sites	Solutions
Exploits	Search Exploit-DB	OffSec	Courses and Certifications
Google Hacking	Submit Entry	Kali Linux	Learn Subscriptions
Papers	SearchSploit Manual	VulnHub	OffSec Cyber Range
Shellcodes	Exploit Statistics		Proving Grounds
			Penetration Testing Services