Test ID:	1.3.6.1.4.1.25623.1.0.11053
Category:	SMTP problems
Title:	IMC SMTP EHLO Buffer Overrun
Summary:	A security vulnerability results because of an unchecked buffer; in the IMC code that generates the response to the EHLO protocol command.
Description:	Summary: A security vulnerability results because of an unchecked buffer in the IMC code that generates the response to the EHLO protocol command. Vulnerability Impact: If the buffer were overrun with data it would result in either the failure of the IMC or could allow the attacker to run code in the security context of the IMC, which runs as Exchange5.5 Service Account. Solution: The vendor has released updates. Please see thee references for more information. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2002-0698 BugTraq ID: 5306 http://www.securityfocus.com/bid/5306 ISS Security Advisory: 20020724 Remote Buffer Overflow Vulnerability in Microsoft Exchange Server http://bvlive01.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=20759 Microsoft Security Bulletin: MS02-037 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-037 Microsoft Knowledge Base article: Q326322 http://support.microsoft.com/default.aspx?scid=kb;[LN];Q326322 http://www.iss.net/security_center/static/9658.php
Copyright	Copyright (C) 2002 SECNAP Network Security, LLC

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.