Test ID:	11889
Category:	SMTP problems
Title:	Exchange XEXCH50 Remote Buffer Overflow
Summary:	Tests to see if authentication is required for the XEXCH50 command
Description:	This system appears to be running a version of the Microsoft Exchange SMTP service that is vulnerable to a flaw in the XEXCH50 extended verb. This flaw can be used to completely crash Exchange 5.5 as well as execute arbitrary code on Exchange 2000. Solution : See http://www.microsoft.com/technet/security/bulletin/MS03-046.mspx Risk factor : High
Cross-Ref:	BugTraq ID: 8838 Common Vulnerability Exposure (CVE) ID: CVE-2003-0714 Microsoft Security Bulletin: MS03-046 http://www.microsoft.com/technet/security/bulletin/ms03-046.asp Bugtraq: 20031022 MS03-046 Microsoft Exchange 2000 Heap Overflow (Google Search) http://marc.theaimsgroup.com/?l=bugtraq&m=106682909006586&w=2 http://www.cert.org/advisories/CA-2003-27.html CERT/CC vulnerability note: VU#422156 http://www.kb.cert.org/vuls/id/422156 http://www.securityfocus.com/bid/8838
Copyright	This script is Copyright (C) 2003 Digital Defense Inc.

This is only one of 24975 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.

New User Registration Email: UserID: Passwd: Please email me your monthly newsletters, informing the latest services, improvements & surveys. Please email me a vulnerability test announcement whenever a new test is added.     Privacy

Registered User Login   UserID:     Passwd:     Forgot userid or passwd? Email/Userid: