MDaemon WorldClient Vulnerability

Posted on November 19th, 2008 by Ryan Spanier

GSA Reference Number: AD081119-01
Updated: 11-19-2008

Simply Put: Secunia is reporting a vulnerability in MDaemon’s WorldClient webmail frontend.  Attackers could send a specially-crafted email that, if viewed in the WorldClient webmail interface, could run malicious scripts or HTML code on the user’s machine without their interaction.  All the user would have to do is read the email.  The vendor has a patch available.

Attack Details: The attack is a cross-site scripting vulnerability.  The email that the attacker sends is displayed to the user through the WorldClient interface.  Unfortunately, the WorldClient interface interprets parts of the email as HTML instead of plain text.  This means an attacker can embed script tags or other malicious HTML code in the email, which the browser then runs.
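
The flaw class described above, shown as an added example (this is not MDaemon's code and does not come from the advisory): a hypothetical webmail view in Python that renders a constructed message once without output encoding and once with it. The function names, the sample message and the CSP value are assumptions made for illustration.

```python
import html
from email import message_from_string
from email.message import Message

# Constructed sample message; subject and body carry markup, as in the advisory's scenario.
SAMPLE_EMAIL = (
    "From: sender@example.com\n"
    "To: user@example.com\n"
    "Subject: Hello <b>there</b>\n"
    "Content-Type: text/plain; charset=utf-8\n"
    "\n"
    "Hi,\n<script>alert('xss')</script>\n"
)

def _text_body(msg: Message) -> str:
    """Return the first text/plain part of the message, decoded to str."""
    for part in msg.walk():
        if part.get_content_type() == "text/plain":
            payload = part.get_payload(decode=True) or b""
            return payload.decode(part.get_content_charset() or "utf-8", "replace")
    return ""

def render_unsafe(raw: str) -> str:
    """Flawed pattern: message fields are concatenated into the page as-is."""
    msg = message_from_string(raw)
    return f"<h1>{msg['Subject']}</h1><pre>{_text_body(msg)}</pre>"

def render_safe(raw: str) -> str:
    """Hardened pattern: every message-derived value is HTML-escaped on output."""
    msg = message_from_string(raw)
    subject = html.escape(msg["Subject"] or "", quote=True)
    body = html.escape(_text_body(msg), quote=True)
    return f"<h1>{subject}</h1><pre>{body}</pre>"

# Defence in depth (assumed policy): with default-src 'none' and no script-src,
# the browser refuses inline and external scripts even if escaping is missed.
CSP_HEADER = ("Content-Security-Policy",
              "default-src 'none'; img-src 'self'; style-src 'self'")

if __name__ == "__main__":
    print("unsafe:", render_unsafe(SAMPLE_EMAIL))
    print("safe:  ", render_safe(SAMPLE_EMAIL))
```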

Countermeasures: The vendor has released a patch for this vulnerability.  Gladiator recommends all users of MDaemon upgrade to version 10.02. See the release notes linked below for details.

Related Links:
