Signature Detail
This site is deprecated. Please CLICK HERE for latest updates
Short Name |
SMTP:EXCHANGE:MULTI-LONG-MAILRT |
|---|---|
Severity |
Critical |
Recommended |
No |
Category |
SMTP |
Keywords |
Exchange Multiple Long Mail Route Commands |
Release Date |
2005/04/20 |
Update Number |
1213 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
SMTP: Exchange Multiple Long Mail Route Commands
This signature detects attempts to exploit a known vulnerability in Microsoft Exchange Server. Unauthenticated attackers can remotely connect to the SMTP port on an Exchange server, then issue a crafted extended verb to run malicious programs in the security context of the SMTP service. This signature should be used between your Exchange servers and the Internet and not used between trusted Exchange servers to avoid potential false-positives.
Extended Description
Microsoft Exchange Server is prone to a buffer overflow in the X-LINK2STATE SMTP extended verb. Successful exploitation could result in arbitrary code execution.
Affected Products
- Microsoft exchange_server_2000 SP1
- Microsoft exchange_server_2000 SP2
- Microsoft exchange_server_2000 SP3
- Microsoft exchange_server_2000
- Microsoft exchange_server_2003 SP1
- Microsoft exchange_server_2003
References
- BugTraq: 13118
- CVE: CVE-2005-0560
- URL: http://www.us-cert.gov/cas/techalerts/TA05-102A.html