CVE-2006-5968

Name of the Vulnerable Software and Affected Versions MDaemon versions 9.0.5 through 9.0.6, 9.51, and 9.53

Description The issue allows local users to execute arbitrary code by creating malicious RASAPI32.DLL or MPRAPI.DLL libraries in the MDaemonAPP folder. This is due to the MDaemon application folder being installed with insecure permissions, allowing users to create files and directories.

Recommendations For versions 9.0.5 through 9.0.6, 9.51, and 9.53, consider restricting write access to the MDaemonAPP folder to prevent local users from creating malicious libraries. As a temporary workaround, monitor the MDaemonAPP folder for any suspicious RASAPI32.DLL or MPRAPI.DLL files.