Lucene search

[email protected]CVE-2000-0610

HistoryOct 13, 2000 - 4:00 a.m.

CVE-2000-0610

2000-10-1304:00:00

[email protected]

web.nvd.nist.gov

cve-2000-0610

netwin dmailweb

authentication bypass

mail relay

cyber security

nvd

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

7.3 High

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

68.6%

JSON

NetWin dMailWeb and cwMail 2.6g and earlier allows remote attackers to bypass authentication and use the server for mail relay via a username that contains a carriage return.

Affected configurations

NVD

Node

netwincwmailMatch2.6g

netwindmailwebMatch2.6g

CPENameOperatorVersion
netwin:cwmailnetwin cwmaileq2.6g
netwin:dmailwebnetwin dmailwebeq2.6g

CPE	Name	Operator	Version
netwin:cwmail	netwin cwmail	eq	2.6g
netwin:dmailweb	netwin dmailweb	eq	2.6g

References

archives.neohapsis.com/archives/bugtraq/2000-06/0243.html

www.securityfocus.com/bid/1390

exchange.xforce.ibmcloud.com/vulnerabilities/4770

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

7.3 High

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

68.6%

JSON

Related for CVE-2000-0610

nvd1 cvelist1