← CVECheck
HomeVulnerabilities

CVE-2002-0054 — HIGH severity vulnerability (SMTP service in (1) Microsoft Windows 2000 and (2) Internet)

SMTP service in (1) Microsoft Windows 2000 and (2) Internet Mail Connector (IMC) in Exchange Server 5.5 does not properly handle responses to NTLM authentication, which allows remote attackers to perform mail relaying via an SMTP AUTH command using null session credentials.

CVE IDCVE-2002-0054
SeverityHIGH
CVSS score7.5
CVSS vectorAV:N/AC:L/Au:N/C:P/I:P/A:P
CWECWE-294
StatusModified
Published2002-03-08
Last modified2026-04-16
DescriptionSMTP service in (1) Microsoft Windows 2000 and (2) Internet Mail Connector (IMC) in Exchange Server 5.5 does not properly handle responses to NTLM authentication, which allows remote attackers to perform mail relaying via an SMTP AUTH command using null session credentials.
SourceNIST National Vulnerability Database

🔍 Search all vulnerabilities →