Lucene search

[email protected]CVE-2004-2298

HistoryDec 31, 2004 - 5:00 a.m.

CVE-2004-2298

2004-12-3105:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

novell

internet messaging system

netmail

nims

nmap

authentication

vulnerability

remote attackers

mail store

data

nvd

cve-2004-2298

7.5 High

AI Score

Confidence

Low

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

0.005 Low

EPSS

Percentile

77.0%

JSON

Novell Internet Messaging System (NIMS) 2.6 and 3.0, and NetMail 3.1 and 3.5, is installed with a default NMAP authentication credential, which allows remote attackers to read and write mail store data if the administrator does not change the credential by using the NMAP Credential Generator.

CPENameOperatorVersion
novell:internet_messaging_systemnovell internet messaging systemeq3.0
novell:netmailnovell netmaileq3.1
novell:internet_messaging_systemnovell internet messaging systemeq2.6
novell:netmailnovell netmaileq3.5

CPE	Name	Operator	Version
novell:internet_messaging_system	novell internet messaging system	eq	3.0
novell:netmail	novell netmail	eq	3.1
novell:internet_messaging_system	novell internet messaging system	eq	2.6
novell:netmail	novell netmail	eq	3.5

References

secunia.com/advisories/13377

support.novell.com/cgi-bin/search/searchtid.cgi?/10095545.htm

www.osvdb.org/12234

7.5 High

AI Score

Confidence

Low

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

0.005 Low

EPSS

Percentile

77.0%

JSON

Related for CVE-2004-2298

cvelist1