Lucene search

MitreCVE-2000-0490

HistoryOct 13, 2000 - 4:00 a.m.

CVE-2000-0490

2000-10-1304:00:00

mitre

web.nvd.nist.gov

netwin

dsmtp 2.7q

buffer overflow

remote command execution

cve-2000-0490

nvd

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.8

Confidence

High

EPSS

0.02

Percentile

89.0%

JSON

Buffer overflow in the NetWin DSMTP 2.7q in the NetWin dmail package allows remote attackers to execute arbitrary commands via a long ETRN request.

Affected configurations

Nvd

Node

netwindmailMatch2.7

netwindmailMatch2.7q

netwindmailMatch2.8e

netwindmailMatch2.8f

netwindmailMatch2.8g

netwindmailMatch2.8h

VendorProductVersionCPE
netwindmail2.7cpe:2.3:a:netwin:dmail:2.7:*:*:*:*:*:*:*
netwindmail2.7qcpe:2.3:a:netwin:dmail:2.7q:*:*:*:*:*:*:*
netwindmail2.8ecpe:2.3:a:netwin:dmail:2.8e:*:*:*:*:*:*:*
netwindmail2.8fcpe:2.3:a:netwin:dmail:2.8f:*:*:*:*:*:*:*
netwindmail2.8gcpe:2.3:a:netwin:dmail:2.8g:*:*:*:*:*:*:*
netwindmail2.8hcpe:2.3:a:netwin:dmail:2.8h:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
netwin	dmail	2.7	cpe:2.3:a:netwin:dmail:2.7:::::::*
netwin	dmail	2.7q	cpe:2.3:a:netwin:dmail:2.7q:::::::*
netwin	dmail	2.8e	cpe:2.3:a:netwin:dmail:2.8e:::::::*
netwin	dmail	2.8f	cpe:2.3:a:netwin:dmail:2.8f:::::::*
netwin	dmail	2.8g	cpe:2.3:a:netwin:dmail:2.8g:::::::*
netwin	dmail	2.8h	cpe:2.3:a:netwin:dmail:2.8h:::::::*

References

archives.neohapsis.com/archives/bugtraq/2000-05/0407.html

netwinsite.com/dmail/security.htm

www.securityfocus.com/bid/1297

exchange.xforce.ibmcloud.com/vulnerabilities/4579

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.8

Confidence

High

EPSS

0.02

Percentile

89.0%

JSON

Related for CVE-2000-0490