Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-0977

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2006-0977
Last Modified 07 Mar 2011 09:31:28
Published 03 Mar 2006 06:02:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-0977

Summary

Craig Morrison Mail Transport System Professional (aka MTS Pro) acts as an open relay when configured to relay all mail through an external SMTP server, which allows remote attackers to relay mail by connecting to the MTS Pro server, then sending a MAIL FROM that specifies a domain that is local to the server.

Vulnerable Systems

Application

  • Craig Morrison Mts Pro


References

VUPEN - ADV-2006-0786

BUGTRAQ - 20060225 Mail Transport System Professional--Open Relay Hole

XF - mts-mail-relay(24985)

BID - 16840

SECUNIA - 19067


Last Updated: 27 May 2016 10:41:52