Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.100624
Category:SMTP problems
Title:Microsoft Windows SMTP Server DNS spoofing vulnerability
Summary:The Microsoft Windows Simple Mail Transfer Protocol (SMTP) Server is; prone to a DNS spoofing vulnerability.
Description:Summary:
The Microsoft Windows Simple Mail Transfer Protocol (SMTP) Server is
prone to a DNS spoofing vulnerability.

Vulnerability Impact:
Successfully exploiting this issue allows remote attackers to spoof
DNS replies, allowing them to redirect network traffic and to launch man-in-the-middle attacks.

Solution:
This issue is reported to be patched in Microsoft security advisory
MS10-024. Please see the references for more information.

CVSS Score:
6.4

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:P/A:P

Cross-Ref: BugTraq ID: 39910
BugTraq ID: 39908
Common Vulnerability Exposure (CVE) ID: CVE-2010-1690
http://www.securityfocus.com/bid/39910
http://archives.neohapsis.com/archives/fulldisclosure/2010-05/0058.html
http://www.coresecurity.com/content/CORE-2010-0424-windows-smtp-dns-query-id-bugs
http://securitytracker.com/id?1023939
Common Vulnerability Exposure (CVE) ID: CVE-2010-1689
http://www.securityfocus.com/bid/39908
CopyrightCopyright (C) 2010 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2022 E-Soft Inc. All rights reserved.