Alt-N MDaemon's WorldClient Disclosure of Authentication Credentials Vulnerability
Software: Alt-N MDaemon v13.0.3 and prior versions
Vulnerability Type: Disclosure of Authentication Credentials
Discovered: 01 October 2012
Reported: 19 December 2012
Disclosed: 18 February 2013
Alt-N WorldClient application is prone to an authentication credentials disclosure via a specially formulated HTTP request. This is possible because the application replies to the request with a response that contains the credentials in an encoded (reversible) format.
Attackers may trick an unsuspecting user into opening a malicious email message -using the WorldClient application- and stealing his/her authentication credentials without the user ever noticing.
Alt-N MDaemon v13.0.3 & v12.5.6 were tested and found vulnerable; other versions may also be affected.
Encoded Auth String:
Decoded Auth String:
PoC Python Script: