Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.100607
Category:SMTP problems
Title:Microsoft SMTP Service and Exchange Routing Engine Buffer Overflow Vulnerability
Summary:The Microsoft Windows 2003 SMTP Service and Exchange Routing Engine; have been reported prone to a buffer overflow. This occurs during the processing responses to DNS lookups.
Description:Summary:
The Microsoft Windows 2003 SMTP Service and Exchange Routing Engine
have been reported prone to a buffer overflow. This occurs during the processing responses to DNS lookups.

Vulnerability Impact:
Successful exploitation could allow for remote code execution in the context of the
vulnerable service.

Solution:
Microsoft has released a bulletin that includes fixes to address this
issue for supported versions of the operating system.

Note that the fix for Exchange Server 2000 Service Pack 3 requires that the Exchange 2000 Server Post-Service Pack 3 (SP3)
Update Rollup be installed as a prerequisite. See Knowledge Base article 870540 in the References section for further
details on this rollup.

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Cross-Ref: BugTraq ID: 11374
Common Vulnerability Exposure (CVE) ID: CVE-2004-0840
http://www.securityfocus.com/bid/11374
CERT/CC vulnerability note: VU#394792
http://www.kb.cert.org/vuls/id/394792
Microsoft Security Bulletin: MS04-035
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-035
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2300
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3460
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5509
XForce ISS Database: win-ms04035-patch(17660)
https://exchange.xforce.ibmcloud.com/vulnerabilities/17660
XForce ISS Database: win2k3-smtp-execute-code(17621)
https://exchange.xforce.ibmcloud.com/vulnerabilities/17621
CopyrightCopyright (C) 2010 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2022 E-Soft Inc. All rights reserved.