Vulnerabilities > CVE-2006-0977 - Unspecified vulnerability in Craig Morrison MTS PRO

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

NONE

network

low complexity

craig-morrison

NVD

Published: 2006-03-03

Updated: 2018-10-18

Summary

Craig Morrison Mail Transport System Professional (aka MTS Pro) acts as an open relay when configured to relay all mail through an external SMTP server, which allows remote attackers to relay mail by connecting to the MTS Pro server, then sending a MAIL FROM that specifies a domain that is local to the server.

Vulnerable Configurations

Part	Description	Count
Application	Craig_Morrison Craig Morrison MTS PRO *	1

References

http://secunia.com/advisories/19067
http://www.securityfocus.com/archive/1/426181/100/0/threaded
http://www.securityfocus.com/bid/16840
http://www.vupen.com/english/advisories/2006/0786
https://exchange.xforce.ibmcloud.com/vulnerabilities/24985