Alt-N MDaemon IMAP Server Authentication Routines Remote Buffer Overflow Vulnerability

info
discussion
exploit
solution
references

Alt-N MDaemon IMAP Server Authentication Routines Remote Buffer Overflow Vulnerability

A proof of concept is available.

The mdaemon_imap.pm exploit is available.

The mdaemon_imap_cram_md5.pm exploit is available for Metasploit.

/data/vulnerabilities/exploits/MDAEMON_bof.pl
/data/vulnerabilities/exploits/mdaemon_imap.pm
/data/vulnerabilities/exploits/mdaemon_imap_cram_md5.pm