|
Family: SMTP problems --> Category: infos
IMC SMTP EHLO Buffer Overrun Vulnerability Scan
Vulnerability Scan Summary Checks to see if remote IMC SMTP version is vulnerable to buffer overflow
Detailed Explanation for this Vulnerability Test
A security vulnerability results
because of an unchecked buffer in the IMC code that
generates the response to the EHLO protocol command.
If the buffer were overrun with data it would result in
either the failure of the IMC or could allow the
attacker to run code in the security context of the IMC,
which runs as Exchange5.5 Service Account.
** Nessus only uses the banner header to acertain
if this vulnerability exists and does not check
for or attempt an actual overflow.
Solution : see
http://www.microsoft.com/technet/security/bulletin/MS02-037.mspx
Threat Level: Medium
Click HERE for more information and discussions on this network vulnerability scan.
|