Signature Detail
Short Name |
SMTP:EXCHANGE:MULTI-MAILROUTE |
|---|---|
Severity |
Medium |
Recommended |
No |
Category |
SMTP |
Keywords |
Exchange Multiple Mail Route Commands |
Release Date |
2005/04/11 |
Update Number |
1213 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
SMTP: Exchange Multiple Mail Route Commands
This signature detects attempts to exploit a known vulnerability against Microsoft Exchange Server. A successful attack could allow an unauthenticated attacker to connect to the SMTP port on an Exchange server and issue a specially-crafted extended verb. This might allow the attacker to run malicious programs of their choice in the security context of the SMTP service.
Extended Description
Microsoft Exchange Server is prone to a buffer overflow in the X-LINK2STATE SMTP extended verb. Successful exploitation could result in arbitrary code execution.
Affected Products
- Microsoft Exchange Server 2000 SP1
- Microsoft Exchange Server 2000 SP2
- Microsoft Exchange Server 2000 SP3
- Microsoft Exchange Server 2000
- Microsoft Exchange Server 2003 SP1
- Microsoft Exchange Server 2003
References
- BugTraq: 13118
- CVE: CVE-2005-0560
- URL: http://www.kb.cert.org/vuls/id/275193
- URL: http://www.us-cert.gov/cas/techalerts/TA05-102A.html