PT-2004-3192 · Novell+1 · Netmail+2

Published

2004-12-31

Updated

2008-09-05

CVE-2004-2298

CVSS v2.0

6.4

Medium

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:N

Name of the Vulnerable Software and Affected Versions: Novell Internet Messaging System (NIMS) versions 2.6 through 3.0 NetMail versions 3.1 through 3.5

Description: The issue allows remote attackers to read and write mail store data due to a default NMAP authentication credential. This can be exploited if the administrator does not change the credential using the NMAP Credential Generator.

Recommendations: For Novell Internet Messaging System (NIMS) versions 2.6 through 3.0, change the default NMAP authentication credential using the NMAP Credential Generator. For NetMail versions 3.1 through 3.5, change the default NMAP authentication credential using the NMAP Credential Generator.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2004-2298

Affected Products

Nmap

Netmail

Novell Internet Messaging System

PT-2004-3192 · Novell+1 · Netmail+2

CVE-2004-2298

Related Identifiers

Affected Products

References · 4