Unrated severityNVD Advisory· Published Mar 8, 2002· Updated Jun 16, 2026
CVE-2002-0054
CVE-2002-0054
Description
SMTP service in (1) Microsoft Windows 2000 and (2) Internet Mail Connector (IMC) in Exchange Server 5.5 does not properly handle responses to NTLM authentication, which allows remote attackers to perform mail relaying via an SMTP AUTH command using null session credentials.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
10cpe:2.3:a:microsoft:exchange_server:5.5:-:*:*:*:*:*:*+ 5 more
- cpe:2.3:a:microsoft:exchange_server:5.5:-:*:*:*:*:*:*
- cpe:2.3:a:microsoft:exchange_server:5.5:sp1:*:*:*:*:*:*
- cpe:2.3:a:microsoft:exchange_server:5.5:sp2:*:*:*:*:*:*
- cpe:2.3:a:microsoft:exchange_server:5.5:sp3:*:*:*:*:*:*
- cpe:2.3:a:microsoft:exchange_server:5.5:sp4:*:*:*:*:*:*
- (no CPE)range: =5.5
cpe:2.3:o:microsoft:windows_2000:-:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:o:microsoft:windows_2000:-:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_2000:-:sp1:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_2000:-:sp2:*:*:*:*:*:*
- (no CPE)
Patches
Vulnerability mechanics
References
3- www.securityfocus.com/bid/4205nvdPatchThird Party AdvisoryVDB Entry
- docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-011nvdPatchVendor Advisory
- marc.infonvdMailing ListThird Party Advisory
News mentions
0No linked articles in our index yet.