MDaemon Server DomainPOP Malformed Message DoS

Low Nessus Plugin ID 25683


The remote mail server is prone to a denial of service attack.


According to its banner, the version of MDaemon installed on the remote host contains a vulnerability in its 'DomainPOP' Mail Collection component that may cause it to crash while processing a specially crafted message. An unauthenticated, remote attacker may be able to leverage this issue to deny service to legitimate users of the application.


Upgrade to MDaemon 9.6.1 or later.

See Also

Plugin Details

Severity: Low

ID: 25683

File Name: mdaemon_961.nasl

Version: $Revision: 1.19 $

Type: remote

Agent: windows

Family: Windows

Published: 2007/07/10

Modified: 2017/06/06

Dependencies: 66633

Risk Information

Risk Factor: Low


Base Score: 2.6

Temporal Score: 2.3

Vector: CVSS2#AV:N/AC:H/Au:N/C:N/I:N/A:P

Temporal Vector: CVSS2#E:ND/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/a:alt-n:mdaemon

Required KB Items: mdaemon/installed

Exploit Available: false

Exploit Ease: No known exploits are available

Vulnerability Publication Date: 2007/07/06

Reference Information

CVE: CVE-2007-3622

BID: 24787

OSVDB: 37193