Multiples Remotes DoS Attacks in MDaemon Server v2.8.5.0 Vulnerability

MDaemon Server v2.8.5.0

MDaemon Server v2.8.5.0

Binary file D.o.s

Source of Binary D.o.s



UssrLabs found multiple places in MDaemon v2.8.5.0 where they do not use proper bounds checking.

The following all result in a Denial of Service against the service in question.

Afected services:

WorldClient: Port 2000

WebConfig : Port 2002

This two remotes services are afected to overflow of you send a large url name.


Vendor Status:


Vendor Url:



Patch to fix in:

u n d e r g r o u n d s e c u r i t y s y s t e m s r e s e a r c h