Multiples Remotes DoS Attacks in MDaemon Server v2.8.5.0 Vulnerability PROBLEM: UssrLabs found multiple places in MDaemon v2.8.5.0 where they do not use proper bounds checking. The following all result in a Denial of Service against the service in question. affected services: WorldClient: Port 2000 WebConfig : Port 2002 This two remotes services are affected to overflow of you send a large url name. Like: http:/serverip/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa For the Binary / Source for this MDaemon Server v2.8.5.0 Denial of Service: Go To: http://www.ussrback.com/mdeam285/ Vendor Status: Contacted. Vendor Url: http://www.mdaemon.com Credit: USSRLABS SOLUTION Nothing yet. u n d e r g r o u n d s e c u r i t y s y s t e m s r e s e a r c h http://www.ussrback.com
