Vulnerability Description
The useredit_account.wdm module in Alt-N WebAdmin 3.2.5 running with MDaemon 9.0.6, and possibly earlier versions, allows remote authenticated domain administrators to gain privileges and obtain access to the system mail queue by modifying the mailbox of the MDaemon user account to use the mailbox of another account.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Alt-N | Webadmin | <= 3.2.5 |
References
- http://files.altn.com/WebAdmin/Release/RelNotes_en.txtPatch
- http://secunia.com/advisories/21727PatchVendor Advisory
- http://securityreason.com/securityalert/1516
- http://www.osvdb.org/28548
- http://www.securityfocus.com/archive/1/445153/100/0/threaded
- http://www.teklow.com/advisories/TTG0602.txtPatchVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/28776
- http://files.altn.com/WebAdmin/Release/RelNotes_en.txtPatch
- http://secunia.com/advisories/21727PatchVendor Advisory
- http://securityreason.com/securityalert/1516
- http://www.osvdb.org/28548
- http://www.securityfocus.com/archive/1/445153/100/0/threaded
- http://www.teklow.com/advisories/TTG0602.txtPatchVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/28776
FAQ
What is CVE-2006-4620?
CVE-2006-4620 is a vulnerability with a CVSS score of 4.6 (MEDIUM). The useredit_account.wdm module in Alt-N WebAdmin 3.2.5 running with MDaemon 9.0.6, and possibly earlier versions, allows remote authenticated domain administrators to gain privileges and obtain acces...
How severe is CVE-2006-4620?
CVE-2006-4620 has been rated MEDIUM with a CVSS base score of 4.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2006-4620?
Check the references section above for vendor advisories and patch information. Affected products include: Alt-N Webadmin.