MTS Professional < SMTP Open Relay

Medium Nessus Network Monitor Plugin ID 3448


The remote SMTP server can be tricked into relaying email, regardless of its relay configuration.


The remote host is running the MTS Professional SMTP server. This version of MTS is vulnerable to a flaw in the way that it handles malformed 'MAIL FROM:' headers. An attacker exploiting this flaw would send malformed 'MAIL FROM:' directives to the server. Successful exploitation would result in the attacker being able to relay traffic through the host.


Upgrade to version or higher.

See Also

Plugin Details

Severity: Medium

ID: 3448

File Name: 3448.prm

Family: SMTP Servers

Published: 2006/02/28

Modified: 2016/11/23

Dependencies: 2004, 2005

Risk Information

Risk Factor: Medium


Base Score: 5

Temporal Score: 4.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N

Temporal Vector: CVSS2#E:F/RL:U/RC:C


Base Score: 5.3

Temporal Score: 5.1


Temporal Vector: CVSS3#E:F/RL:U/RC:C

Reference Information

CVE: CVE-2006-0977

BID: 16840