CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2002-0054

SMTP service in (1) Microsoft Windows 2000 and (2) Internet Mail Connector (IMC) in Exchange Server 5.5 does not properly handle responses to NTLM authentication, which allows remote attackers to perform mail relaying via an SMTP AUTH command using null session credentials.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.082

EPSS Ranking 91.8%

CVSS Severity

CVSS v2 Score 7.5

References

http://marc.info/?l=bugtraq&m=101501580409373&w=2
http://www.securityfocus.com/bid/4205
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-011
http://marc.info/?l=bugtraq&m=101501580409373&w=2
http://www.securityfocus.com/bid/4205
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-011

Products affected by CVE-2002-0054

Microsoft » Exchange Server » Version: 5.5

cpe:2.3:a:microsoft:exchange_server:5.5
Microsoft » Windows 2000 » Version: N/A

cpe:2.3:o:microsoft:windows_2000:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2002-0054

Products

Pricing

Contact Us