CVE-2004-2298

3 documents3 sources

Severity

6.4MEDIUM

EPSS

0.4%

top 40.66%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Novell Internet Messaging System Novell Netmail

Timeline

PublishedDec 31

Latest updateApr 29

Description

Novell Internet Messaging System (NIMS) 2.6 and 3.0, and NetMail 3.1 and 3.5, is installed with a default NMAP authentication credential, which allows remote attackers to read and write mail store data if the administrator does not change the credential by using the NMAP Credential Generator.

CVSS vector

AV:N/AC:L/C:P/I:P/A:NExploitability: 10.0 | Impact: 4.9

Affected Packages2 packages

▶NVDnovell/internet_messaging_system2.6, 3.0+1

▶NVDnovell/netmail3.1, 3.5+1

Patches

Patch: secunia.com ↗Patch: support.novell.com ↗Patch: secunia.com ↗

🔴Vulnerability Details

GHSA

GHSA-m9fj-g263-c8f3: Novell Internet Messaging System (NIMS) 2↗2022-04-29

▶

CVEList

CVE-2004-2298: Novell Internet Messaging System (NIMS) 2↗2005-08-05

▶