Heap-Based Buffer Overflow in MDaemon POP3 Server by Alt-N Technologies
CVE-2006-4364

Currently unrated

Key Information:

Vendor: Alt-n
Status: Mdaemon
Vendor: CVE Published:; 27 August 2006

What is CVE-2006-4364?

The MDaemon POP3 server, prior to version 9.0.6, contains multiple heap-based buffer overflow vulnerabilities. These security flaws allow remote attackers to potentially crash the server (resulting in a denial of service) and may enable execution of arbitrary code. Exploitation occurs through the transmission of excessively long strings, particularly those containing '@' characters, in the USER and APOP commands, leading to severe security risks.

References

https://www.exploit-db.com/exploits/2245

exploitx_refsource_EXPLOIT-DB

http://securitytracker.com/id?1016729

vdb-entryx_refsource_SECTRACK

http://www.vupen.com/english/advisories/2006/3361

vdb-entryx_refsource_VUPEN

EPSS Score

68% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Aug 27, 2006
Vulnerability Reserved
Aug 25, 2006

Alt-n

What is CVE-2006-4364?

References

EPSS Score

Timeline