SMTP problems : Microsoft SMTP Service and Exchange Routing Engine Buffer Overflow Vulnerability

Anfälligkeitssuche		Suche in 219043 CVE Beschreibungen und 99761 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Test Kennung: 1.3.6.1.4.1.25623.1.0.100607

Kategorie: SMTP problems

Titel: Microsoft SMTP Service and Exchange Routing Engine Buffer Overflow Vulnerability

Zusammenfassung: The Microsoft Windows 2003 SMTP Service and Exchange Routing Engine; have been reported prone to a buffer overflow. This occurs during the processing responses to DNS lookups.

Beschreibung: Summary:
The Microsoft Windows 2003 SMTP Service and Exchange Routing Engine
have been reported prone to a buffer overflow. This occurs during the processing responses to DNS lookups.

Vulnerability Impact:
Successful exploitation could allow for remote code execution in the context of the
vulnerable service.

Solution:
Microsoft has released a bulletin that includes fixes to address this
issue for supported versions of the operating system.

Note that the fix for Exchange Server 2000 Service Pack 3 requires that the Exchange 2000 Server Post-Service Pack 3 (SP3)
Update Rollup be installed as a prerequisite. See Knowledge Base article 870540 in the References section for further
details on this rollup.

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Querverweis: BugTraq ID: 11374
Common Vulnerability Exposure (CVE) ID: CVE-2004-0840
http://www.securityfocus.com/bid/11374
CERT/CC vulnerability note: VU#394792
http://www.kb.cert.org/vuls/id/394792
Microsoft Security Bulletin: MS04-035
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-035
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2300
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3460
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5509
XForce ISS Database: win-ms04035-patch(17660)
https://exchange.xforce.ibmcloud.com/vulnerabilities/17660
XForce ISS Database: win2k3-smtp-execute-code(17621)
https://exchange.xforce.ibmcloud.com/vulnerabilities/17621

Copyright Copyright (C) 2010 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.0.100607
Kategorie:	SMTP problems
Titel:	Microsoft SMTP Service and Exchange Routing Engine Buffer Overflow Vulnerability
Zusammenfassung:	The Microsoft Windows 2003 SMTP Service and Exchange Routing Engine; have been reported prone to a buffer overflow. This occurs during the processing responses to DNS lookups.
Beschreibung:	Summary: The Microsoft Windows 2003 SMTP Service and Exchange Routing Engine have been reported prone to a buffer overflow. This occurs during the processing responses to DNS lookups. Vulnerability Impact: Successful exploitation could allow for remote code execution in the context of the vulnerable service. Solution: Microsoft has released a bulletin that includes fixes to address this issue for supported versions of the operating system. Note that the fix for Exchange Server 2000 Service Pack 3 requires that the Exchange 2000 Server Post-Service Pack 3 (SP3) Update Rollup be installed as a prerequisite. See Knowledge Base article 870540 in the References section for further details on this rollup. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Querverweis:	BugTraq ID: 11374 Common Vulnerability Exposure (CVE) ID: CVE-2004-0840 http://www.securityfocus.com/bid/11374 CERT/CC vulnerability note: VU#394792 http://www.kb.cert.org/vuls/id/394792 Microsoft Security Bulletin: MS04-035 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-035 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2300 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3460 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5509 XForce ISS Database: win-ms04035-patch(17660) https://exchange.xforce.ibmcloud.com/vulnerabilities/17660 XForce ISS Database: win2k3-smtp-execute-code(17621) https://exchange.xforce.ibmcloud.com/vulnerabilities/17621
Copyright	Copyright (C) 2010 Greenbone Networks GmbH