CVE-2006-5968
N/A
N/A
Summary
MDaemon 9.0.5, 9.0.6, 9.51, and 9.53, and possibly other versions, installs the MDaemon application folder with insecure permissions (Users create files/directories), which allows local users to execute arbitrary code by creating malicious RASAPI32.DLL or MPRAPI.DLL libraries in the MDaemon\APP folder, which is an untrusted search path element due to insecure permissions.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- http://secunia.com/secunia_research/2006-67/advisory/
- http://www.vupen.com/english/advisories/2006/4538
- http://www.securityfocus.com/archive/1/451821/100/100/threaded
- http://secunia.com/advisories/21554
- https://exchange.xforce.ibmcloud.com/vulnerabilities/30331
- http://securityreason.com/securityalert/1890
- http://securitytracker.com/id?1017238
References
- http://secunia.com/secunia_research/2006-67/advisory/
- http://www.vupen.com/english/advisories/2006/4538
- http://www.securityfocus.com/archive/1/451821/100/100/threaded
- http://secunia.com/advisories/21554
- https://exchange.xforce.ibmcloud.com/vulnerabilities/30331
- http://securityreason.com/securityalert/1890
- http://securitytracker.com/id?1017238
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.