Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-0315

Overview

Vulnerability Score 4.6 4.6
CVE Id CVE-2005-0315
Last Modified 05 Sep 2008 04:45:56
Published 27 Jan 2005 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2005-0315

Summary

The FTP service in Magic Winmail Server 4.0 Build 1112 does not verify that the IP address in a PORT command is the same as the IP address of the user of the FTP session, which allows remote authenticated users to use the server as an intermediary for port scanning.

Vulnerable Systems

Application

  • Amax Information Technologies Magic Winmail Server 4.0


References

XF - magicwinmail-ftp-obtain-information(19115)

BID - 12388

BUGTRAQ - 20050127 [SIG^2 G-TEC] Magic Winmail Server v4.0 Multiple Vulnerabilities

SECTRACK - 1013017

SECUNIA - 14053


Last Updated: 27 May 2016 10:39:46