Vulnerabilities > CVE-2004-2071 - Authentication Bypass vulnerability in Macallan Mail Solution 2.8.4.6Build260

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
macallan
exploit available
NVD
Published: 2004-12-31
Updated: 2017-07-11

Summary

Macallan Mail Solution 2.8.4.6 (Build 260), and possibly earlier versions, allows remote attackers to bypass authentication in the web interface via an HTTP GET request with two slashes ("//") after the server name.

Vulnerable Configurations

Part Description Count
Application
Macallan
1

Exploit-Db

descriptionMacallan Mail Solution Macallan Mail Solution 2.8.4 .6(Build 260) Web Interface Authentication Bypass Vulnerability. CVE-2004-2071. Webapps exploit for php p...
idEDB-ID:23687
last seen2016-02-02
modified2004-02-12
published2004-02-12
reporterZiv Kamir
sourcehttps://www.exploit-db.com/download/23687/
titleMacallan Mail Solution Macallan Mail Solution 2.8.4.6 Build 260 - Web Interface Authentication Bypass Vulnerability

References