MDaemon WorldClient HTTP Server URL Overflow DoS

Medium Nessus Plugin ID 10139


The remote web server has a denial of service vulnerability.


It was possible to crash the remote WorldClient web server (which allows users to read their mail remotely) by sending :

GET /aaaaa[...]aaa HTTP/1.0

This issue allows a remote attacker to prevent users from reading their email.


Upgrade to the latest version of this software.

See Also

Plugin Details

Severity: Medium

ID: 10139

File Name: mdaemon_worldclient.nasl

Version: $Revision: 1.26 $

Type: remote

Family: Web Servers

Published: 1999/11/24

Modified: 2016/11/18

Dependencies: 10107

Risk Information

Risk Factor: Medium


Base Score: 5

Temporal Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Temporal Vector: CVSS2#E:H/RL:U/RC:ND

Vulnerability Information

Vulnerability Publication Date: 1999/11/24

Reference Information

CVE: CVE-1999-0844

BID: 823

OSVDB: 12035