published date: January 27, 2005

CVE-2005-0315 : The FTP service in...

Description

The FTP service in Magic Winmail Server 4.0 Build 1112 does not verify that the IP address in a PORT command is the same as the IP address of the user of the FTP session, which allows remote authenticated users to use the server as an intermediary for port scanning.

Product(s):

Amax Information Technologies Magic Winmail Server 4.0

CVSS:4.6 [Critical]
EPSS:0.37%
Exploitability:3.9
In KEV:No

Question to Ask Vendors:

Can you confirm whether your systems are affected by CVE-2005-0315, and if so, what steps are you currently taking to mitigate this vulnerability?
What is your estimated timeline for fully resolving CVE-2005-0315 in your products or services, and how will you communicate updates on this issue to us as your customer?

Recommended Actions:

Check out the advisory links provided below.

References:

https://nvd.nist.gov/vuln/detail/CVE-2005-0315

READY TO GET RESULTS YOU CAN TRUST?

Get a Demo Contact Sales