Trend Micro Scanmail for Domino nsf File Information Disclosure

medium Nessus Plugin ID 14312

Language:

Synopsis

The remote antivirus is vulnerable to several flaws.

Description

This script attempts to read sensitive files used by Trend ScanMail, an antivirus protection program for Domino (formerly Lotus Notes).
An attacker, exploiting this flaw, may gain access to confidential data or disable the antivirus protection.

Solution

Password protect those files.

Plugin Details

Severity: Medium

ID: 14312

File Name: lotus_smency.nasl

Version: 1.19

Type: remote

Family: CGI abuses

Published: 8/19/2004

Updated: 4/11/2022

Configuration: Enable thorough checks

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.2

CVSS v2

Risk Factor: Medium

Base Score: 6.4

Temporal Score: 6.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:P

Vulnerability Information

CPE: cpe:/a:trend_micro:scanmail_domino

Exploit Available: true

Exploit Ease: No exploit is required

Vulnerability Publication Date: 11/7/2004

Reference Information

CVE: CVE-2004-1003

BID: 11612

Detections

Analytics