CVE Vulnerabilities

CVE-2005-0315

Published: Jan 27, 2005 | Modified: Jul 11, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
4.6 MEDIUM
AV:L/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

The FTP service in Magic Winmail Server 4.0 Build 1112 does not verify that the IP address in a PORT command is the same as the IP address of the user of the FTP session, which allows remote authenticated users to use the server as an intermediary for port scanning.

Affected Software

Name Vendor Start Version End Version
Magic_winmail_server Amax_information_technologies 4.0 (including) 4.0 (including)

References