Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-1790


Vulnerability Score 5.0 5.0
CVE Id CVE-2002-1790
Last Modified 05 Sep 2008 04:31:31
Published 31 Dec 2002 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



The SMTP service in Microsoft Internet Information Services (IIS) 4.0 and 5.0 allows remote attackers to bypass anti-relaying rules and send spam or spoofed messages via encapsulated SMTP addresses, a similar vulnerability to CVE-1999-0682.

Vulnerable Systems


  • Microsoft Exchange Server 5.5

  • Microsoft Internet Information Server 4.0

  • Microsoft Internet Information Server 5.0


BID - 5213

XF - iis-smtp-mail-relay(9580)

Last Updated: 27 May 2016 10:37:30