CVE-2008-1358

Alt-N Technologies MDaemon 9.6.4 - Buffer Overflow

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 3 public exploits for CVE-2008-1358. PoCs published by Metasploit, ryujin, Jacopo Cervini, aushack, including Metasploit module exploits/windows/imap/mdaemon_fetch.

AI-analyzed exploit summary This exploit targets a stack buffer overflow in MDaemon 9.6.4 IMAP server via an overly long FETCH BODY command. It includes SEH-based payload delivery and requires valid IMAP credentials.

Description

Stack-based buffer overflow in the IMAP server in Alt-N Technologies MDaemon 9.6.4 allows remote authenticated users to execute arbitrary code via a FETCH command with a long BODY.

Exploits (3)

exploitdb WORKING POC VERIFIED
by Metasploit · rubyremotewindows
https://www.exploit-db.com/exploits/16482

This exploit targets a stack buffer overflow in MDaemon 9.6.4 IMAP server via an overly long FETCH BODY command. It includes SEH-based payload delivery and requires valid IMAP credentials.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: MDaemon 9.6.4
Auth required
Prerequisites: Valid IMAP account credentials · Network access to the target IMAP server
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by ryujin · pythonremotewindows
https://www.exploit-db.com/exploits/5248

This exploit targets a buffer overflow vulnerability in MDaemon IMAP server v9.6.4 via a malformed FETCH command, leading to remote code execution with SYSTEM privileges. It uses a bind shell payload to establish a reverse shell on port 4444.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: MDaemon IMAP server v9.6.4
Auth required
Prerequisites: Valid IMAP credentials · At least one message in the Inbox
devstral-2 · analyzed Feb 16, 2026 Full analysis →
metasploit WORKING POC GREAT
by Jacopo Cervini, aushack · rubypocwin
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/imap/mdaemon_fetch.rb

This Metasploit module exploits a stack buffer overflow in MDaemon 9.6.4 IMAP server via an overly long FETCH BODY command. It uses SEH overwrites to achieve remote code execution on Windows systems.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Alt-N MDaemon IMAP Server 9.6.4
Auth required
Prerequisites: Valid IMAP account credentials · Network access to the target IMAP server
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (8)

Core 8
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id?1019615
Various Sources x_refsource_misc
http://www.be4mind.com/?q=node/256
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/41195
Vendor Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2008/0877/references
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/5248
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/28245
Various Sources x_refsource_confirm
http://files.altn.com/MDaemon/Release/RelNotes_en.txt
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/29382

Scores

EPSS 0.5707
EPSS Percentile 98.9%

Details

CWE
CWE-119
Status published
Products (1)
altn/mdaemon 9.6.4
Published Mar 17, 2008
Tracked Since Feb 18, 2026