CVE-2004-1546

MDaemon 6.5.1 - Denial of Service via Long SAML/SOML/SEND/MAIL or LIST Command

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2004-1546. PoCs published by D_BuG.

AI-analyzed exploit summary This exploit demonstrates a buffer overflow vulnerability in Mdaemon IMAP and SMTP servers v6.5.1. It sends maliciously crafted LIST and SAML commands to trigger a crash or denial-of-service condition.

Description

Multiple buffer overflows in MDaemon 6.5.1 allow remote attackers to cause a denial of service (application crash) via a long (1) SAML, SOML, SEND, or MAIL command to the SMTP server or (2) LIST command to the IMAP server.

Exploits (2)

exploitdb WORKING POC VERIFIED

by D_BuG · cremotewindows

https://www.exploit-db.com/exploits/473

View Code ZIP pw:eip

This exploit demonstrates a buffer overflow vulnerability in Mdaemon IMAP and SMTP servers v6.5.1. It sends maliciously crafted LIST and SAML commands to trigger a crash or denial-of-service condition.

Classification

Working Poc 90%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: Mdaemon IMAP/SMTP server v6.5.1

Auth required

Prerequisites: Network access to the target server · Valid credentials for IMAP/SMTP

MITRE ATT&CK

T1499 - Endpoint Denial of Service

devstral-2 · analyzed Feb 16, 2026 Full analysis →

exploitdb WORKING POC VERIFIED

by D_BuG · cremotewindows

https://www.exploit-db.com/exploits/24624

View Code ZIP pw:eip

This exploit demonstrates a remote buffer overflow vulnerability in Alt-N MDaemon SMTP server v6.5.1 by sending a large argument to the SAML command, leading to a denial-of-service (DoS) or potential arbitrary code execution.