APP: MDConfig Malformed Version Command

This signature detects attempts to exploit a known vulnerability against MDConfig for Mdaemon. MDConfig v3.5.0 and earlier versions are vulnerable. Attackers can send a blank VERS request to obtain sensitive information; attackers can then use a separate connection to send the correct VERS request and consume mdconfig resources, causing a denial of service and preventing administrator logins.

Extended Description

Remote attackers could exploit this vulnerability to obtain the MDaemon version number and cause an MDConfig denial of service.

Short Name
APP:MDAEMON:MDCONFIG-VER
Severity
Warning
Recommended
False
Recommended Action
None
Category
APP
Keywords
Command MDConfig Malformed Version
Release Date
04/22/2003
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3324
Port
TCP/3002
False Positive
Unknown

Found a potential security threat?