Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.10745
Category:Web application abuses
Title:WorldClient for MDaemon Server Detection
Summary:We detected the remote web server is; running WorldClient for MDaemon. This web server enables attackers; with the proper username and password combination to access locally; stored mailboxes.;; In addition, earlier versions of WorldClient suffer from buffer overflow; vulnerabilities, and web traversal problems (if those are found the Risk; factor is higher).
Description:Summary:
We detected the remote web server is
running WorldClient for MDaemon. This web server enables attackers
with the proper username and password combination to access locally
stored mailboxes.

In addition, earlier versions of WorldClient suffer from buffer overflow
vulnerabilities, and web traversal problems (if those are found the Risk
factor is higher).

Solution:
Make sure all usernames and passwords are adequately long and
that only authorized networks have access to this web server's port number
(block the web server's port number on your firewall).

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:N/A:N

Cross-Ref: BugTraq ID: 1462
BugTraq ID: 2478
BugTraq ID: 4687
BugTraq ID: 4689
BugTraq ID: 823
Common Vulnerability Exposure (CVE) ID: CVE-2000-0660
http://www.securityfocus.com/bid/1462
Bugtraq: 20000712 Infosec.20000712.worldclient.2.1 (Google Search)
http://archives.neohapsis.com/archives/bugtraq/2000-07/0173.html
http://www.osvdb.org/1459
XForce ISS Database: worldclient-dir-traverse(4913)
https://exchange.xforce.ibmcloud.com/vulnerabilities/4913
CopyrightCopyright (C) 2005 Noam Rathaus & SecuriTeam

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2024 E-Soft Inc. All rights reserved.