Summary
We detected the remote web server is
running WorldClient for MDaemon. This web server enables attackers with the proper username and password combination to access locally stored mailboxes.
In addition, earlier versions of WorldClient suffer from buffer overflow vulnerabilities, and web traversal problems (if those are found the Risk factor is higher).
Solution
Make sure all usernames and passwords are adequately long and that only authorized networks have access to this web server's port number (block the web server's port number on your firewall).
For more information see:
http://www.securiteam.com/cgi-bin/htsearch?config=htdigSecuriTeam&words=WorldClient
Severity
Classification
-
CVE CVE-2000-0660 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:P/I:N/A:N
Related Vulnerabilities
- Adobe Reader Privelege Escalation Vulnerability - Jul07 (Mac OS X)
- Adobe Flash Player Multiple Security Bypass Vulnerabilities - 01 Feb14 (Linux)
- Apple Safari 'Webkit' Multiple Vulnerabilities-01 Mar14 (Mac OS X)
- Apple Safari Multiple Vulnerabilities
- Adobe Flash Player Multiple Security Bypass Vulnerabilities - 01 Feb14 (Mac OS X)