|
|
| |
| "MDaemon , Windows-based email server software, contains full mail server functionality and control with a strong emphasis on security to protect your email communication needs." A vulnerability in MDaemon allows a local user to run arbitrary code with SYSTEM privileges. |
| |
Credit:
The information has been provided by Reed Arvin.
|
| |
Vulnerable Systems:
* MDaemon version 7.2
1. Double click on the mail icon in the Taskbar to open the Alt-N MDaemon Pro window.
2. Click File, click New
3. Notepad should open. In Notepad click File, click Open
4. In the Files of type: field choose All Files
5. Navigate to %WINDIR%\System32\
6. Right click cmd.exe and choose Open
7. A new command shell will open with SYSTEM privileges
|
|
|
