| VID |
18071 |
| Severity |
30 |
| Port |
25 |
| Protocol |
TCP |
| Class |
SMTP |
| Detailed Description |
The MDaemon SMTP, according to its version, has a Local Privilege Escalation Vulnerability.
MDaemon is a multi-protocol mail server, developed by Alt-N Technologies, for Microsoft Windows systems. MDaemon 7.2.0 and possible prior versions allow a local Privilege Escalation by a local attacker, caused by a failure of the application to properly drop privileges prior to executing child processes. An attacker could exploit this vulnerability to escalate privilege and execute code with SYSTEM privileges.
* Note: This check solely relied on the version number of the remote MDaemon to assess this vulnerability, so this might be a false positive.
* Platforms Affected:
Alt-N Technologies, Inc., MDaemon 7.2.0 and earlier
Microsoft Windows Any version |
| Recommendation |
Upgrade to the latest version of Mdaemon (7.2.1 or later), available from the Alt-N Technologies Web site at http://www.altn.com/download/default.asp?product%5Fid=MDaemon |
| Related URL |
CVE-2004-2504 (CVE) |
| Related URL |
11736 (SecurityFocus) |
| Related URL |
18287 (ISS) |
|
