Tumbleweed MMS No Default Password Vulnerability

Tumbleweed Messaging Management System (MMS) (Formerly Worldtalk Worldsecure) creates a default user account 'sa' which by default uses no password. This lets a remote user connect to the database and delete or modify data.


 

Privacy Statement
Copyright 2010, SecurityFocus