CVE DATABASE / CVE-2005-0315
CVE-2005-0315
CVSS 4.6 · MEDIUM
Summary
The FTP service in Magic Winmail Server 4.0 Build 1112 does not verify that the IP address in a PORT command is the same as the IP address of the user of the FTP session, which allows remote authenticated users to use the server as an intermediary for port scanning.
CVSS 2.0 breakdown
| Base score | 4.6 (MEDIUM) |
| Vector | AV:L/AC:L/Au:N/C:P/I:P/A:P |
| Attack vector | LOCAL |
| Attack complexity | LOW |
| Confidentiality | PARTIAL |
| Integrity | PARTIAL |
| Availability | PARTIAL |
Affected products
Amax_information_technologies magic winmail server
Check this CVE live
Use our free CVE Lookup tool for the latest NVD record, or browse the full CISA KEV catalog.
References
- http://marc.info/?l=bugtraq&m=110685011825461&w=2
- http://secunia.com/advisories/14053
- http://securitytracker.com/id?1013017
- http://www.securityfocus.com/bid/12388
- https://exchange.xforce.ibmcloud.com/vulnerabilities/19115
Data: NIST NVD. NVD last modified 2026-04-16. Always verify against the vendor advisory before acting.