MDaemon File Creation Local Privilege Escalation

High Nessus Plugin ID 15823


The remote mail server is prone to a local privilege escalation vulnerability.


It is reported that versions of MDaemon up to and including 7.2.0 are affected by a local privilege escalation vulnerability.

An local attacker may increase his privilege and execute code with SYSTEM privileges.


Upgrade to MDaemon 7.2.1 or later.

See Also

Plugin Details

Severity: High

ID: 15823

File Name: mdaemon_local_privileges.nasl

Version: $Revision: 1.16 $

Type: remote

Published: 2004/11/24

Modified: 2016/10/27

Dependencies: 66633

Risk Information

Risk Factor: High


Base Score: 7.2

Temporal Score: 7.2

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:ND/RL:U/RC:ND

Vulnerability Information

CPE: cpe:/a:alt-n:mdaemon

Required KB Items: mdaemon/installed

Exploit Available: true

Exploit Ease: No exploit is required

Vulnerability Publication Date: 2004/11/29

Reference Information

CVE: CVE-2004-2504

BID: 11736

OSVDB: 12158