Vulnerability Description
Craig Morrison Mail Transport System Professional (aka MTS Pro) acts as an open relay when configured to relay all mail through an external SMTP server, which allows remote attackers to relay mail by connecting to the MTS Pro server, then sending a MAIL FROM that specifies a domain that is local to the server.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Craig Morrison | Mts Pro | All versions |
References
- http://secunia.com/advisories/19067
- http://www.securityfocus.com/archive/1/426181/100/0/threaded
- http://www.securityfocus.com/bid/16840
- http://www.vupen.com/english/advisories/2006/0786
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24985
- http://secunia.com/advisories/19067
- http://www.securityfocus.com/archive/1/426181/100/0/threaded
- http://www.securityfocus.com/bid/16840
- http://www.vupen.com/english/advisories/2006/0786
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24985
FAQ
What is CVE-2006-0977?
CVE-2006-0977 is a vulnerability with a CVSS score of 5.0 (MEDIUM). Craig Morrison Mail Transport System Professional (aka MTS Pro) acts as an open relay when configured to relay all mail through an external SMTP server, which allows remote attackers to relay mail by ...
How severe is CVE-2006-0977?
CVE-2006-0977 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2006-0977?
Check the references section above for vendor advisories and patch information. Affected products include: Craig Morrison Mts Pro.