Secunia
Login
|
|
|
|
|
|
|
|
|
Novell NetMail Default NMAP Authentication Credentials
Release Date: 2004-12-06 Last Update: 2005-08-08 Views: 14,407
Secunia Advisory SA13377
Where:
From local network
Impact:
Manipulation of data, Exposure of system information, Exposure of sensitive information,
Solution Status:
Vendor Workaround
CVE Reference(s):
Description
A security issue has been reported in NetMail, which can be exploited by malicious people to gain unauthorised access to the mail store.
During installation, the default NMAP (Network Messaging Application Protocol) authentication credential is set automatically and not changed after installation has finished. This can be exploited via the NMAP service to gain unauthorised access to the mail store data with read/write permissions or send unauthorised messages.
Solution:
Use the NetMail/NIMS NMAP Credential Generator (nmapcred) utility to change the default NMAP authentication credential.
Further details available to Secunia VIM customers
Provided and/or discovered by:
Reported by vendor.
Original Advisory:
Novell:
http://support.novell.com/cgi-bin/search/searchtid.cgi?/10095545.htm
Deep Links:
Links available to Secunia VIM customers
Do you have additional information related to this advisory?
Please provide information about patches, mitigating factors, new versions, exploits, faulty patches, links, and other relevant data by posting comments to this Advisory. You can also send this information to vuln@secunia.com
Subject: Novell NetMail Default NMAP Authentication Credentials
|
No posts yet |
|
You must be logged in to post a comment. |
