SMTP problems : Microsoft SMTP Service and Exchange Routing Engine Buffer Overflow Vulnerability

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.100607

Categoría: SMTP problems

Título: Microsoft SMTP Service and Exchange Routing Engine Buffer Overflow Vulnerability

Resumen: The Microsoft Windows 2003 SMTP Service and Exchange Routing Engine; is prone to a buffer overflow. This occurs during the processing responses to DNS lookups.

Descripción: Summary:
The Microsoft Windows 2003 SMTP Service and Exchange Routing Engine
is prone to a buffer overflow. This occurs during the processing responses to DNS lookups.

Vulnerability Impact:
Successful exploitation could allow for remote code execution in the context of the
vulnerable service.

Solution:
Microsoft has released a bulletin that includes fixes to address this
issue for supported versions of the operating system.

Note that the fix for Exchange Server 2000 Service Pack 3 requires that the Exchange 2000 Server Post-Service Pack 3 (SP3)
Update Rollup be installed as a prerequisite. See Knowledge Base article 870540 in the References section for further
details on this rollup.

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2004-0840
BugTraq ID: 11374
http://www.securityfocus.com/bid/11374
CERT/CC vulnerability note: VU#394792
http://www.kb.cert.org/vuls/id/394792
Microsoft Security Bulletin: MS04-035
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-035
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2300
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3460
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5509
XForce ISS Database: win-ms04035-patch(17660)
https://exchange.xforce.ibmcloud.com/vulnerabilities/17660
XForce ISS Database: win2k3-smtp-execute-code(17621)
https://exchange.xforce.ibmcloud.com/vulnerabilities/17621

Copyright Copyright (C) 2010 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.100607
Categoría:	SMTP problems
Título:	Microsoft SMTP Service and Exchange Routing Engine Buffer Overflow Vulnerability
Resumen:	The Microsoft Windows 2003 SMTP Service and Exchange Routing Engine; is prone to a buffer overflow. This occurs during the processing responses to DNS lookups.
Descripción:	Summary: The Microsoft Windows 2003 SMTP Service and Exchange Routing Engine is prone to a buffer overflow. This occurs during the processing responses to DNS lookups. Vulnerability Impact: Successful exploitation could allow for remote code execution in the context of the vulnerable service. Solution: Microsoft has released a bulletin that includes fixes to address this issue for supported versions of the operating system. Note that the fix for Exchange Server 2000 Service Pack 3 requires that the Exchange 2000 Server Post-Service Pack 3 (SP3) Update Rollup be installed as a prerequisite. See Knowledge Base article 870540 in the References section for further details on this rollup. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2004-0840 BugTraq ID: 11374 http://www.securityfocus.com/bid/11374 CERT/CC vulnerability note: VU#394792 http://www.kb.cert.org/vuls/id/394792 Microsoft Security Bulletin: MS04-035 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-035 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2300 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3460 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5509 XForce ISS Database: win-ms04035-patch(17660) https://exchange.xforce.ibmcloud.com/vulnerabilities/17660 XForce ISS Database: win2k3-smtp-execute-code(17621) https://exchange.xforce.ibmcloud.com/vulnerabilities/17621
Copyright	Copyright (C) 2010 Greenbone AG