CVE-2001-0586 - OpenCVE

TrendMicro ScanMail for Exchange 3.5 Evaluation allows a local attacker to recover the administrative credentials for ScanMail via a combination of unprotected registry keys and weakly encrypted passwords.

No CVSS v3.1

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:L/AC:L/Au:N/C:P/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Trend Micro	Scanmail Exchange

Configuration 1 [-]

cpe:2.3:a:trend_micro:scanmail_exchange:3.5:*:*:*:*:*:*:*

References

Link	Resource
http://archives.neohapsis.com/archives/ntbugtraq/2001-q1/0049.html	Exploit Patch Vendor Advisory
http://www.osvdb.org/5581
https://exchange.xforce.ibmcloud.com/vulnerabilities/6311

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2002-03-09T05:00:00

Updated: 2002-03-01T10:00:00

Reserved: 2001-07-27T00:00:00

Link: CVE-2001-0586

JSON object: View

NVD Information

Status : Modified

Published: 2001-08-22T04:00:00.000

Modified: 2017-10-10T01:29:47.827

Link: CVE-2001-0586

JSON object: View

Redhat Information

No data.

CWE

NVD-CWE-Other

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2001-03-30T00:00:00", "descriptions": [{"lang": "en", "value": "TrendMicro ScanMail for Exchange 3.5 Evaluation allows a local attacker to recover the administrative credentials for ScanMail via a combination of unprotected registry keys and weakly encrypted passwords."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2002-03-01T10:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "5581", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/5581"}, {"name": "20010330 STAT Security Advisory: Trend Micro's ScanMail for Exchange store s passwords in registry unprotected", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://archives.neohapsis.com/archives/ntbugtraq/2001-q1/0049.html"}, {"name": "scanmail-reveals-credentials(6311)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6311"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2001-0586", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "TrendMicro ScanMail for Exchange 3.5 Evaluation allows a local attacker to recover the administrative credentials for ScanMail via a combination of unprotected registry keys and weakly encrypted passwords."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "5581", "refsource": "OSVDB", "url": "http://www.osvdb.org/5581"}, {"name": "20010330 STAT Security Advisory: Trend Micro's ScanMail for Exchange store s passwords in registry unprotected", "refsource": "BUGTRAQ", "url": "http://archives.neohapsis.com/archives/ntbugtraq/2001-q1/0049.html"}, {"name": "scanmail-reveals-credentials(6311)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6311"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2001-0586", "datePublished": "2002-03-09T05:00:00", "dateReserved": "2001-07-27T00:00:00", "dateUpdated": "2002-03-01T10:00:00", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}