Vulnerabilites related to novell - internet_messaging_system
CVE-2004-2298 (GCVE-0-2004-2298)
Vulnerability from cvelistv5
Published
2005-08-05 04:00
Modified
2024-09-16 22:39
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Novell Internet Messaging System (NIMS) 2.6 and 3.0, and NetMail 3.1 and 3.5, is installed with a default NMAP authentication credential, which allows remote attackers to read and write mail store data if the administrator does not change the credential by using the NMAP Credential Generator.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/13377 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.osvdb.org/12234 | vdb-entry, x_refsource_OSVDB | |
| http://support.novell.com/cgi-bin/search/searchtid.cgi?/10095545.htm | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:22:13.554Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "13377",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/13377"
},
{
"name": "12234",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/12234"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/10095545.htm"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Novell Internet Messaging System (NIMS) 2.6 and 3.0, and NetMail 3.1 and 3.5, is installed with a default NMAP authentication credential, which allows remote attackers to read and write mail store data if the administrator does not change the credential by using the NMAP Credential Generator."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-08-05T04:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "13377",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/13377"
},
{
"name": "12234",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/12234"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/10095545.htm"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-2298",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Novell Internet Messaging System (NIMS) 2.6 and 3.0, and NetMail 3.1 and 3.5, is installed with a default NMAP authentication credential, which allows remote attackers to read and write mail store data if the administrator does not change the credential by using the NMAP Credential Generator."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "13377",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/13377"
},
{
"name": "12234",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/12234"
},
{
"name": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/10095545.htm",
"refsource": "CONFIRM",
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/10095545.htm"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-2298",
"datePublished": "2005-08-05T04:00:00Z",
"dateReserved": "2005-08-05T00:00:00Z",
"dateUpdated": "2024-09-16T22:39:58.111Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2004-12-31 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Novell Internet Messaging System (NIMS) 2.6 and 3.0, and NetMail 3.1 and 3.5, is installed with a default NMAP authentication credential, which allows remote attackers to read and write mail store data if the administrator does not change the credential by using the NMAP Credential Generator.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| novell | internet_messaging_system | 2.6 | |
| novell | internet_messaging_system | 3.0 | |
| novell | netmail | 3.1 | |
| novell | netmail | 3.5 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:novell:internet_messaging_system:2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "0C6CC52E-D5A2-47D3-861E-B127290C1167",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:internet_messaging_system:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "74ABD52D-A07C-495D-92DC-18E15A5A3828",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:netmail:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4332FF7C-B625-4885-84F1-95A210391A42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:netmail:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "3B57CD26-1038-4959-B560-D5FE90D6A2A3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Novell Internet Messaging System (NIMS) 2.6 and 3.0, and NetMail 3.1 and 3.5, is installed with a default NMAP authentication credential, which allows remote attackers to read and write mail store data if the administrator does not change the credential by using the NMAP Credential Generator."
}
],
"id": "CVE-2004-2298",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/13377"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/10095545.htm"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/12234"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/13377"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/10095545.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/12234"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}