CVE-2004-2071
Description
Macallan Mail Solution 2.8.4.6 (Build 260) and earlier allows remote attackers to bypass web interface authentication by sending an HTTP GET request with two slashes after the server name.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Vulnerability
The vulnerability exists in Macallan Mail Solution version 2.8.4.6 (Build 260) and possibly earlier versions. The authentication bypass occurs in the web interface when a remote attacker sends an HTTP GET request that includes two slashes ("//") immediately after the server name. This malformed request bypasses the authentication mechanism and grants unauthorized access to the administrative web interface [1].
Exploitation
An attacker can exploit this vulnerability by simply sending a crafted HTTP GET request to the affected server. No authentication, user interaction, or special network position is required beyond the ability to send HTTP requests to the web interface. The attacker must include two slashes ("//") after the server name in the request URI. For example, requesting http://target//admin instead of http://target/admin may trigger the bypass [1].
Impact
Successful exploitation allows a remote, unauthenticated attacker to bypass authentication and gain access to the administrative web interface of Macallan Mail Solution. This could lead to full compromise of the mail server, including reading, modifying, or deleting emails and user accounts, as well as potentially further network penetration from the compromised server [1].
Mitigation
No official patch or fixed version has been identified in the available references. The vendor is likely no longer supporting this product. Users should consider upgrading to a supported mail solution or restricting network access to the web interface (e.g., via firewall rules or VPN) as a workaround. This CVE is not listed in the CISA Known Exploited Vulnerabilities (KEV) catalog [1].
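For review of existing logs, the sketch below flags requests whose path begins with two slashes, the pattern described above. It is an added example, not code from the vendor or from this CVE's references; the Common Log Format layout, the sample lines, and the host name are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit

# Assumed log layout: Common Log Format. Adjust the pattern to the real log.
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+" (?P<status>\d{3}) '
)

def request_path(target):
    """Return the path of a request-target without collapsing slashes."""
    if target.startswith("/"):
        # origin-form: only drop the query; urlsplit would read "//x" as a host
        return target.split("?", 1)[0]
    # absolute-form, e.g. http://host//admin
    return urlsplit(target).path

def find_double_slash_requests(lines):
    """Return (ip, timestamp, method, path, status) for paths starting with '//'."""
    hits = []
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # unparseable line: skip rather than guess
        path = request_path(m["target"])
        if path.startswith("//"):
            hits.append((m["ip"], m["ts"], m["method"], path, int(m["status"])))
    return hits

# Constructed sample log lines (documentation addresses, made-up statuses).
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jan/2004:10:00:00 +0000] "GET /admin HTTP/1.0" 401 212',
    '192.0.2.44 - - [01/Jan/2004:10:00:05 +0000] "GET //admin HTTP/1.0" 200 5120',
    '192.0.2.44 - - [01/Jan/2004:10:00:09 +0000] '
    '"GET http://mail.example.test//admin?x=1 HTTP/1.0" 200 5120',
    '192.0.2.10 - - [01/Jan/2004:10:01:00 +0000] "GET /a//b HTTP/1.0" 404 0',
]

if __name__ == "__main__":
    for ip, ts, method, path, status in find_double_slash_requests(SAMPLE_LOG):
        # A 2xx status on a flagged request means the page was actually served.
        print(f"{ts} {ip} {method} {path} -> {status}")
```

Only a leading double slash is flagged, matching the description; a repeated slash later in the path (the last sample line) is left alone.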
AI Insight generated on May 24, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- cpe:2.3:a:macallan:mail_solution:2.8.4.6_build_260:*:*:*:*:*:*:*
- (no CPE) range: <=2.8.4.6
Patches
No patches discovered yet.
References (6)
News mentions
No linked articles in our index yet.