Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2000-0716


Vulnerability Score 2.6 2.6
CVE Id CVE-2000-0716
Last Modified 05 Sep 2008 04:21:42
Published 20 Oct 2000 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE



WorldClient email client in MDaemon 2.8 includes the session ID in the referer field of an HTTP request when the user clicks on a URL, which allows the visited web site to hijcak the session ID and read the user's email.

Vulnerable Systems


  • Alt-n Mdaemon 2.8


BID - 1553

NTBUGTRAQ - 20000809 Session hijacking in Alt-N's MDaemon 2.8

XF - mdaemon-session-id-hijack

Last Updated: 27 May 2016 10:35:50