header-logo
Suggest Exploit
vendor:
ScanMail for Microsoft Exchange
by:
SecurityFocus
8.3
CVSS
HIGH
Authentication Bypass
287
CWE
Product Name: ScanMail for Microsoft Exchange
Affected Version From: ScanMail for Microsoft Exchange 5.5
Affected Version To: ScanMail for Microsoft Exchange 5.5
Patch Exists: YES
Related CWE: CVE-2002-0607
CPE: a:trend_micro:scanmail_for_microsoft_exchange
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows
2002

Authentication Bypass Vulnerability in ScanMail for Microsoft Exchange

ScanMail for Microsoft Exchange is vulnerable to an authentication bypass vulnerability. This vulnerability allows a remote attacker to bypass existing authentication mechanisms and gain access to the ScanMail management system. This is achieved by sending a specially crafted HTTP request to the vulnerable server.

Mitigation:

Upgrade to the latest version of ScanMail for Microsoft Exchange.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/6619/info

A vulnerability has been reported for ScanMail for Microsoft Exchange. The vulnerability allows a remote attacker to bypass existing authentication mechanisms and obtain access to ScanMail's management system.

http://x.x.x.x:16372/smg_Smxcfg30.exe?vcc=3560121183d3

Navigation

Suggest Exploit

Services By CQR