SMTP: Exchange Multiple Mail Route Commands
This signature detects attempts to exploit a known vulnerability against Microsoft Exchange Server. A successful attack could allow an unauthenticated attacker to connect to the SMTP port on an Exchange server and issue a specially-crafted extended verb. This might allow the attacker to run malicious programs of their choice in the security context of the SMTP service.
Extended Description
Microsoft Exchange Server is prone to a buffer overflow in the X-LINK2STATE SMTP extended verb. Successful exploitation could result in arbitrary code execution.
Affected Products
Microsoft exchange_server_2003
References
BugTraq: 13118
CVE: CVE-2005-0560
URL: http://www.kb.cert.org/vuls/id/275193 http://www.us-cert.gov/cas/techalerts/TA05-102A.html
Short Name
SMTP:EXCHANGE:MULTI-MAILROUTE
Severity
Minor
Recommended
False
Recommended Action
None
Category
SMTP
Keywords
CVE-2005-0560 Commands Exchange Mail Multiple Route bid:13118
Release Date
04/12/2005
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3725
False Positive
Unknown
Vendors
Microsoft
CVSS Score
7.5