Vulnerability Details : CVE-2004-2298

Novell Internet Messaging System (NIMS) 2.6 and 3.0, and NetMail 3.1 and 3.5, is installed with a default NMAP authentication credential, which allows remote attackers to read and write mail store data if the administrator does not change the credential by using the NMAP Credential Generator.

Published 2004-12-31 05:00:00

Updated 2008-09-05 20:43:45

Source MITRE

View at NVD, CVE.org

Exploit prediction scoring system (EPSS) score for CVE-2004-2298

Probability of exploitation activity in the next 30 days: 1.57%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 85 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2004-2298

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Source
6.4	MEDIUM	AV:N/AC:L/Au:N/C:P/I:P/A:N	10.0	4.9	[email protected]
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Partial Integrity Impact: Partial Availability Impact: None

References for CVE-2004-2298

http://support.novell.com/cgi-bin/search/searchtid.cgi?/10095545.htm

Patch

Products affected by CVE-2004-2298

Novell » Netmail » Version: 3.1
cpe:2.3:a:novell:netmail:3.1:*:*:*:*:*:*:*
Matching versions
Novell » Netmail » Version: 3.5
cpe:2.3:a:novell:netmail:3.5:*:*:*:*:*:*:*
Matching versions
Novell » Internet Messaging System » Version: 2.6
cpe:2.3:a:novell:internet_messaging_system:2.6:*:*:*:*:*:*:*
Matching versions
Novell » Internet Messaging System » Version: 3.0
cpe:2.3:a:novell:internet_messaging_system:3.0:*:*:*:*:*:*:*
Matching versions