CVE-2002-0054

HIGH

SMTP service in (1) Microsoft Windows 2000 and (2) Internet Mail Connector (IMC) in Exchange Server 5.5 does not properly handle responses to NTLM authentication, which allows remote attackers to perform mail relaying via an SMTP AUTH command using null session credentials.

Score CVSS v2.0

7.5

/ 10.0

HIGH

AV:N/AC:L/Au:N/C:P/I:P/A:P

Informations

Publié: 8 mars 2002
Mis à jour: 16 avr. 2026
Statut: Modified
Source: cve@mitre.org

Produits affectés

microsoft exchange server

Versions : 5.5

microsoft windows 2000

Faiblesses (CWE)

CWE-294

Références (6)

http://marc.info/?l=bugtraq&m=101501580409373&w=2
Mailing ListThird Party Advisory
http://www.securityfocus.com/bid/4205
PatchThird Party AdvisoryVDB Entry
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-011
PatchVendor Advisory
http://marc.info/?l=bugtraq&m=101501580409373&w=2
Mailing ListThird Party Advisory
http://www.securityfocus.com/bid/4205
PatchThird Party AdvisoryVDB Entry
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-011
PatchVendor Advisory

CVEs similaires

Autres vulnérabilités de type CWE-294

Loading…

Surveillez vos produits

Recevez une alerte automatique à chaque nouvelle CVE affectant vos équipements.

Activer la surveillance