PT-2006-1210 · Mailma · Mail Management Agent

Published

2006-01-09

Updated

2008-09-05

CVE-2006-0130

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions: Mail Management Agent (MAILMA) versions 7.0.3.1 and earlier

Description: The issue allows remote attackers to attempt authentication with an unlimited number of user account names and passwords without denying connections, limiting the rate of connections, or locking out an account.

Recommendations: For Mail Management Agent (MAILMA) versions 7.0.3.1 and earlier, consider implementing rate limiting or account lockout policies to mitigate the risk of brute-force authentication attacks. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2006-0130

Affected Products

Mail Management Agent

PT-2006-1210 · Mailma · Mail Management Agent

CVE-2006-0130

Related Identifiers

Affected Products

References · 3