PT-2001-1339 · Alt N Technologies · Mdaemon Pro

Published

2001-02-02

Updated

2017-12-19

CVE-2001-0104

CVSS v2.0

7.2

High

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions: MDaemon Pro versions 3.5.1 and earlier

Description: The issue allows local users to bypass the lock server security setting. This can be achieved by pressing the Cancel button at the password prompt and then pressing the enter key.

Recommendations: For MDaemon Pro versions 3.5.1 and earlier, consider disabling the lock server security setting temporarily until a fix is available, or apply specific configuration changes as recommended by the software vendor to mitigate this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2001-0104

Affected Products

Mdaemon Pro

PT-2001-1339 · Alt N Technologies · Mdaemon Pro

CVE-2001-0104

Related Identifiers

Affected Products

References · 5