SMTP: Microsoft Exchange Crafted MX Record
This signature detects attempts to exploit a known vulnerability in the way that Microsoft Windows Simple Mail Transfer Protocol (SMTP) component. A successful attack can result in a denial-of-service condition.
Extended Description
The SMTP component in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, and Server 2008 Gold, SP2, and R2, and Exchange Server 2003 SP2, does not properly parse MX records, which allows remote DNS servers to cause a denial of service (service outage) via a crafted response to a DNS MX record query, aka "SMTP Server MX Record Vulnerability."
Affected Products
Microsoft windows_2003_server
References
CVE: CVE-2010-0024
Short Name
SMTP:DOS:CRAFTED-MX
Severity
Major
Recommended
False
Recommended Action
None
Category
SMTP
Keywords
CVE-2010-0024 Crafted Exchange MX Microsoft Record
Release Date
02/11/2016
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3761
False Positive
Unknown
Vendors
Microsoft
CVSS Score
5.0