Description
The SMTP service in Microsoft Internet Information Services (IIS) 4.0 and 5.0 allows remote attackers to bypass anti-relaying rules and send spam or spoofed messages via encapsulated SMTP addresses, a similar vulnerability to CVE-1999-0682.
Exploits (1)
References (3)
Core 3
Core References
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://online.securityfocus.com/archive/1/281914
Broken Link vdb-entry
x_refsource_xf
http://www.iss.net/security_center/static/9580.php
Exploit, Patch, Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/5213
Scores
EPSS
0.3474
EPSS Percentile
97.1%
Details
Status
published
Products (3)
microsoft/exchange_server
5.5 (3 CPE variants)
microsoft/internet_information_server
4.0
microsoft/internet_information_services
5.0
Published
Dec 31, 2002
Tracked Since
Feb 18, 2026