CVE-2006-0129 : Mail Management Agent (MAILMA) (aka Mail Management Server) in Rockliffe MailSite 7.0.3.1 and earlier generates differen

Mail Management Agent (MAILMA) (aka Mail Management Server) in Rockliffe MailSite 7.0.3.1 and earlier generates different responses depending on whether or not a username is valid, which allows remote attackers to enumerate valid usernames via user requests to TCP port 106.

Published 2006-01-09 11:03:00

Updated 2011-03-08 02:29:23

Source MITRE

View at NVD, CVE.org

Exploit prediction scoring system (EPSS) score for CVE-2006-0129

Probability of exploitation activity in the next 30 days: 1.93%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 87 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2006-0129

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
5.0	MEDIUM	AV:N/AC:L/Au:N/C:P/I:N/A:N	10.0	2.9	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Partial Integrity Impact: None Availability Impact: None

References for CVE-2006-0129

http://zur.homelinux.com/Advisories/RockliffeMailsiteUserEnum.txt

Exploit;Vendor Advisory

CVEs referencing this url
http://lists.grok.org.uk/pipermail/full-disclosure/2006-January/040970.html

Exploit;Vendor Advisory

CVEs referencing this url
http://www.vupen.com/english/advisories/2006/0055

CVEs referencing this url

Products affected by CVE-2006-0129

Rockliffe » Mailsite
Versions up to, including, (<=) 7.0.3.1
cpe:2.3:a:rockliffe:mailsite:*:*:*:*:*:*:*:*
Matching versions

Vulnerability Details : CVE-2006-0129

Exploit prediction scoring system (EPSS) score for CVE-2006-0129

CVSS scores for CVE-2006-0129

References for CVE-2006-0129

Products affected by CVE-2006-0129