COMMAND

    MDaemon

SYSTEMS AFFECTED

    MDaemon 3.5.1

PROBLEM

    Mohamed Riyad found the following.  On Windows NT machines, you
    must be able to log in to use this exploit.  On Windows 98, anybody
    who has access to the desktop could do it.

    When the MD server is locked, anyone can simply bypass the
    "locked server" security and do anything they want.

    If a mail server administrator wants to deny access to the MD
    server, he right-clicks on the system tray icon and selects
    "lock server"; MDaemon will then ask for a password and ask again
    to confirm it.  Whenever you want to open the MD window, you
    double-click on the icon in the system tray and MD will ask for
    the password.  If you enter the correct password, you will be
    allowed inside.

    The security can be bypassed here.  Just double-click on the
    system tray icon of MDaemon to start.  MDaemon will now prompt
    for the password.  Without entering any password, just click on
    the Cancel button AND IMMEDIATELY PRESS THE ENTER KEY, and YOU
    WILL BE TAKEN INTO MDAEMON.  You can do whatever you want with
    MDaemon and then safely minimize it to close the window.

    This exploit can be used to add/delete/modify any email accounts
    and mailing lists.  New domains could also be added.  Mail to any
    account could be forwarded, and a lot more.

SOLUTION

    Nothing yet.