Privilege Escalation in Alt-N Technologies MDaemon
CVE-2004-2504

Currently unrated

Key Information:

Vendor: Alt-n
Status: Mdaemon
Vendor: CVE Published:; 31 December 2004

What is CVE-2004-2504?

The MDaemon email server software from Alt-N Technologies has a vulnerability that allows local users with physical access to the system to execute child processes, such as NOTEPAD.EXE, with elevated SYSTEM privileges. This occurs when users create new files through the software's graphical user interface (GUI) in versions 7.2 and earlier, posing a significant security risk as it enables unauthorized users to gain increased privileges on the affected system.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/18287

vdb-entryx_refsource_XF

http://securitytracker.com/id?1012350

vdb-entryx_refsource_SECTRACK

http://secunia.com/advisories/13225

third-party-advisoryx_refsource_SECUNIA

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability Reserved
Oct 25, 2005
Vulnerability published
Dec 31, 2004

Alt-n

What is CVE-2004-2504?

References

Timeline