Vulnerabilities > CVE-2004-2298 - Denial-Of-Service vulnerability in Internet Messaging System

CVSS 6.4 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

NONE

network

low complexity

novell

NVD

Published: 2004-12-31

Updated: 2008-09-05

Summary

Novell Internet Messaging System (NIMS) 2.6 and 3.0, and NetMail 3.1 and 3.5, is installed with a default NMAP authentication credential, which allows remote attackers to read and write mail store data if the administrator does not change the credential by using the NMAP Credential Generator.

Vulnerable Configurations

Part	Description	Count
Application	Novell Novell Internet Messaging System 2.6 Novell Internet Messaging System 3.0 Novell Netmail 3.1 Novell Netmail 3.5	4

References

http://secunia.com/advisories/13377
http://support.novell.com/cgi-bin/search/searchtid.cgi?/10095545.htm
http://www.osvdb.org/12234