Signature Detail

SMTP: MDaemon Mail Server Overflow

This signature detects attempts to exploit a known vulnerability against the MDaemon mail server. MDaemon 6.7.9 and older versions are vulnerable. Attackers can send an overly long SMTP, SAML, SOML, or SEND command to overflow the buffer and crash the MDaemon service; attackers can also obtain complete server control with SYSTEM level access.

Extended Description

A vulnerability in the MDaemon email server is caused by user-supplied strings which are improperly checked. This could enable an attacker to cause a denial of service, or execute arbitrary commands on a system with the privileges of the current account running the MDaemon email server.

References

• URL: http://securitytracker.com/id?1011386