发布时间 :2000-05-01 00:00:00
修订时间 :2008-09-10 15:04:42

[原文]The WebShield SMTP Management Tool version 4.5.44 does not properly restrict access to the management port when an IP address does not resolve to a hostname, which allows remote attackers to access the configuration via the GET_CONFIG command.

[CNNVD]网络沟通软件WebShield SMTP配置修改漏洞 (CNNVD-200005-007)

        WebShield SMTP版本为4.5.44管理工具在还没有将IP地址解析为主机名时没有正确限制对管理端口的访问,远程攻击者可以通过GET_CONFIG命令访问任意配置。

- CVSS (基础分值)

CVSS分值: 5 [中等(MEDIUM)]
机密性影响: PARTIAL [很可能造成信息泄露]
完整性影响: NONE [不会对系统完整性产生影响]
可用性影响: NONE [对系统可用性无影响]
攻击复杂度: LOW [漏洞利用没有访问限制 ]
攻击向量: [--]
身份认证: NONE [漏洞利用无需身份认证]

- CPE (受影响的平台与产品)


- OVAL (用于检测的技术细节)


- 官方数据库链接
(官方数据源) MITRE
(官方数据源) NVD
(官方数据源) CNNVD

- 其它链接及资源
(UNKNOWN)  BUGTRAQ  20000525 DST2K0003 : Buffer Overrun in NAI WebShield SMTP v4.5.44 Managem ent Tool
(UNKNOWN)  BID  1253

- 漏洞信息

网络沟通软件WebShield SMTP配置修改漏洞
中危 访问验证错误
2000-05-01 00:00:00 2005-05-02 00:00:00
        WebShield SMTP版本为4.5.44管理工具在还没有将IP地址解析为主机名时没有正确限制对管理端口的访问,远程攻击者可以通过GET_CONFIG命令访问任意配置。

- 公告与补丁

        Currently the SecurityFocus staff are not aware of any vendor supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at:

- 漏洞信息

NAI WebShield SMTP GET_CONFIG Information Disclosure
Remote / Network Access Information Disclosure, Input Manipulation
Loss of Confidentiality
Exploit Public

- 漏洞描述

WebShield SMTP contains a flaw that allows a remote attacker to obtain configuration information from the product. The issue is due to the GET_CONFIG command requiring no authentication. If an attacker connects to port 9999 and issues this command, the system will display all of the WebShield configuration options which may allow more focused attacks.

- 时间线

2000-05-25 2000-05-08
2000-05-25 Unknow

- 解决方案

Currently, there are no known upgrades or patches to correct this issue. It is possible to correct the flaw by implementing the following workarounds: 1. Run the service as a restricted user, not with SYSTEM privileges. 2. Use access controls to restrict access to port 9999

- 相关参考

- 漏洞作者