Vulnerabilities > CVE-2002-1790 - Unspecified vulnerability in Microsoft products

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

NONE

network

low complexity

microsoft

exploit available

NVD

Published: 2002-12-31

Updated: 2020-04-09

Summary

The SMTP service in Microsoft Internet Information Services (IIS) 4.0 and 5.0 allows remote attackers to bypass anti-relaying rules and send spam or spoofed messages via encapsulated SMTP addresses, a similar vulnerability to CVE-1999-0682.

Vulnerable Configurations

Part	Description	Count
Application	Microsoft Microsoft Exchange Server 5.5 Microsoft Internet Information Server 4.0 Microsoft Internet Information Services 5.0	5

Exploit-Db

description	Microsoft IIS 4/5 SMTP Service Encapsulated SMTP Address Vulnerability. CVE-2002-1790. Remote exploit for windows platform
id	EDB-ID:21613
last seen	2016-02-02
modified	2002-07-12
published	2002-07-12
reporter	JWC
source	https://www.exploit-db.com/download/21613/
title	Microsoft IIS 4/5 SMTP Service Encapsulated SMTP Address Vulnerability

Summary

Vulnerable Configurations

Exploit-Db

References