Vulnerability Description
Novell Internet Messaging System (NIMS) 2.6 and 3.0, and NetMail 3.1 and 3.5, is installed with a default NMAP authentication credential, which allows remote attackers to read and write mail store data if the administrator does not change the credential by using the NMAP Credential Generator.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Novell | Internet Messaging System | 2.6 |
| Novell | Netmail | 3.1 |
References
- http://secunia.com/advisories/13377PatchVendor Advisory
- http://support.novell.com/cgi-bin/search/searchtid.cgi?/10095545.htmPatch
- http://www.osvdb.org/12234
- http://secunia.com/advisories/13377PatchVendor Advisory
- http://support.novell.com/cgi-bin/search/searchtid.cgi?/10095545.htmPatch
- http://www.osvdb.org/12234
FAQ
What is CVE-2004-2298?
CVE-2004-2298 is a vulnerability with a CVSS score of 6.4 (MEDIUM). Novell Internet Messaging System (NIMS) 2.6 and 3.0, and NetMail 3.1 and 3.5, is installed with a default NMAP authentication credential, which allows remote attackers to read and write mail store dat...
How severe is CVE-2004-2298?
CVE-2004-2298 has been rated MEDIUM with a CVSS base score of 6.4/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2004-2298?
Check the references section above for vendor advisories and patch information. Affected products include: Novell Internet Messaging System, Novell Netmail.