WorldClient for MDaemon Server Detection

Published: 2005-11-03 13:08:04
CVE Author: NIST National Vulnerability Database (NVD)

CVSS Base Vector:
AV:N/AC:L/Au:N/C:P/I:N/A:N

Recommendations:
Make sure all usernames and passwords are adequately long and that only authorized networks have access to this web server's port number (block the web server's port number on your firewall).

Summary:
We detected the remote web server is running WorldClient for MDaemon. This web server enables attackers with the proper username and password combination to access locally stored mailboxes. In addition, earlier versions of WorldClient suffer from buffer overflow vulnerabilities, and web traversal problems (if those are found the Risk factor is higher).

Solution Type:
Mitigation

Detection Type:
Remote Banner

NIST (National Institute of Standards and Technology) NVD (National Vulnerability Database)

https://nvd.nist.gov/vuln/detail/CVE-2000-0660

SecurityFocus Bugtraq ID:

https://www.securityfocus.com/bid/1462
https://www.securityfocus.com/bid/2478
https://www.securityfocus.com/bid/4687
https://www.securityfocus.com/bid/4689
https://www.securityfocus.com/bid/823

References:

http://www.securiteam.com/cgi-bin/htsearch?config=htdigSecuriTeam&words=WorldClient

Search
Severity
Medium
CVSS Score
5.0

You never have to pay for a vulnerability scanning and management software again.

Tired of paying a subscription 'per asset' or 'per IP'? Well you can officially cancel your current subscription. Mageni provides a free, open source and enterprise-ready vulnerability scanning and management platform which helps you to find, prioritize, remediate and manage your vulnerabilities. It is free and always will be.