MDaemon Form2Raw exploit v1.14 Vulnerability exploited: NOCVE-2004-6820 - BID-9317 Category: Exploits/Remote This module exploits a buffer overflow and installs a level0 agent into the target host. The Raw Message Handler (FORM2RAW.exe) CGI, accessible by default from the WebClient interface, lets unauthenticated users inject mails in the Raw messages queue that can trigger a stack overflow in MDaemon.exe Supported Systems: Windows 2000 Advanced Server - sp3 (i386) Windows 2000 Advanced Server - sp4 (i386) Windows 2000 Server - sp3 (i386) Windows 2000 Server - sp4 (i386) Alt-N MDaemon v6.8.5 Alt-N MDaemon v6.8.4 Alt-N MDaemon v6.8.3 Alt-N MDaemon v6.8.2 Alt-N MDaemon v6.8.1 Alt-N MDaemon v6.8.0 This module is included in the latest version of CORE IMPACT, the first automated comprehensive penetration testing product for accurately identifying information security risks. Click here to learn more about the product.