Alt-N MDaemon prior 7.2.1 local privilege escalation vulnerability 1.1
 
Plugin ID335
Plugin nameAlt-N MDaemon prior 7.2.1 local privilege escalation vulnerability
Plugin filenameAlt-N MDaemon prior 7.2.1 local privilege escalation vulnerability.plugin
Plugin filesize2521 bytes
Plugin familySMTP
Plugin created nameMarc Ruef
Plugin created emailmarc.ruef at computec.ch
Plugin created webhttp://www.computec.ch
Plugin created companycomputec.ch
Plugin created date2005/01/09
Plugin version1.1
Plugin protocoltcp
Plugin port25
Plugin procedure detectionopen|sleep|close|pattern_exists 220*ESMTP MDaemon [0-6].* OR 220*ESMTP MDaemon 7.[0-1].* OR 220*ESMTP MDaemon 7.2.[0-1]*
Plugin detection accuracy80
Plugin commentThe NASL script is Copyright (C) 2004 Tenable Network Security
Bug produced nameAlt-N
Bug affectedAlt-N MDaemon prior 7.2.1
Bug not affectedAlt-N MDaemon newer than 7.2.1
Bug vulnerability classUnknown
Bug descriptionThe remote host is running Alt-N MDaemon, a SMTP/IMAP server for the Windows operating system family. It is reported that versions up to and including 7.2.0 are prone to local privilege escalation vulnerability. An local attacker may increase his privilege and execute code with SYSTEM privileges.
Bug solutionUpgrade to MDaemon 7.2.1 or newer.
Bug fixing timeApprox. 30 minutes
Bug exploit availabilityMaybe
Bug exploit urlhttp://www.securityfocus.com/bid/11736/exploit/
Bug remoteYes
Bug localYes
Bug severityMedium
Bug popularity4
Bug simplicity5
Bug impact8
Bug risk5
Bug Nessus riskMedium
Bug check toolsNessus can check this flaw with the plugin 15823 (Alt-N MDaemon Local Privilege Escalation Vulnerability).
Source SecurityFocus BID11736
Source Nessus ID15823
Source LiteratureHacking Exposed: Network Security Secrets & Solutions, Stuart McClure, Joel Scambray and George Kurtz, February 25, 2003, 4th Edition, McGraw-Hill Osborne Media, ISBN 0072227427
Source Misc.http://www.computec.ch

This file was generated by the Attack Tool Kit (ATK), the open-sourced security scanner and exploiting framework.