Vulnerability Scanning Solutions, LLC.
Home
Our Process
Residential
Corporate
What We Scan For
Sample Report
Client List
Terms
Contact Us
What We Scan For
Family: SMTP problems --> Category: infos

IMC SMTP EHLO Buffer Overrun Vulnerability Scan


Vulnerability Scan Summary
Checks to see if remote IMC SMTP version is vulnerable to buffer overflow

Detailed Explanation for this Vulnerability Test
A security vulnerability results
because of an unchecked buffer in the IMC code that
generates the response to the EHLO protocol command.
If the buffer were overrun with data it would result in
either the failure of the IMC or could allow the
attacker to run code in the security context of the IMC,
which runs as Exchange5.5 Service Account.

** Nessus only uses the banner header to acertain
if this vulnerability exists and does not check
for or attempt an actual overflow.

Solution : see
http://www.microsoft.com/technet/security/bulletin/MS02-037.mspx

Threat Level: Medium

Click HERE for more information and discussions on this network vulnerability scan.

VSS, LLC.

P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.