A security issue has been reported in NetMail, which can be exploited by malicious people to gain unauthorised access to the mail store.
During installation, the default NMAP (Network Messaging Application Protocol) authentication credential is set automatically and not changed after installation has finished. This can be exploited via the NMAP service to gain unauthorised access to the mail store data with read/write permissions or send unauthorised messages.
Solution: Use the NetMail/NIMS NMAP Credential Generator (nmapcred) utility to change the default NMAP authentication credential.
Do you have additional information related to this advisory?
Please provide information about patches, mitigating factors, new versions, exploits, faulty patches, links, and other relevant data by posting comments to this Advisory. You can also send this
information to email@example.com