Privilege Escalation Vulnerability in Alt-N WebAdmin for MDaemon
CVE-2006-4370

Currently unrated

Key Information:

Vendor: Alt-n
Status: Webadmin
Vendor: CVE Published:; 26 August 2006

What is CVE-2006-4370?

A vulnerability in Alt-N WebAdmin versions 3.2.3 and 3.2.4, in conjunction with MDaemon version 9.0.5 and possibly earlier versions, allows remote authenticated domain administrators to exploit the userlist.wdm file. By manipulating this file, an attacker can change the password of a global administrator, subsequently gaining unauthorized administrative privileges over the application. This security flaw underscores the importance of stringent access controls and regular security assessments.

References

http://www.vupen.com/english/advisories/2006/3333

vdb-entryx_refsource_VUPEN

https://exchange.xforce.ibmcloud.com/vulnerabilities/28489

vdb-entryx_refsource_XF

http://lists.grok.org.uk/pipermail/full-disclosure/2006-A...

mailing-listx_refsource_FULLDISC

Timeline

Vulnerability published
Aug 26, 2006
Vulnerability Reserved
Aug 25, 2006

Alt-n

What is CVE-2006-4370?

References

Timeline