|Title:||Exchange XEXCH50 Remote Buffer Overflow|
|Summary:||Tests to see if authentication is required for the XEXCH50 command|
|Description:||This system appears to be running a version of the Microsoft Exchange|
SMTP service that is vulnerable to a flaw in the XEXCH50 extended verb.
This flaw can be used to completely crash Exchange 5.5 as well as execute
arbitrary code on Exchange 2000.
Solution : See http://www.microsoft.com/technet/security/bulletin/MS03-046.mspx
BugTraq ID: 8838|
Common Vulnerability Exposure (CVE) ID: CVE-2003-0714
Microsoft Security Bulletin: MS03-046
Bugtraq: 20031022 MS03-046 Microsoft Exchange 2000 Heap Overflow (Google Search)
CERT/CC vulnerability note: VU#422156
|Copyright||This script is Copyright (C) 2003 Digital Defense Inc.|
|This is only one of 40246 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.