Mailing List Archive

smtp_ms02-037 IMC ehlo buffer overflow
Enclosed please find new plugin to check for Microsoft Exchange 5.5 IMC
EHLO buffer overflow.

This plugin does not check to see if it can do the buffer overflow, but
relies on smtp banner version to determine vulnerability.

If someone wants to 'spruce up' my egrep patterns, I won't be offended.
I want to make sure it checks for NEWER versions as well as old ones.
(see script)

To select this plugin, select 'smtp problems', then IMC SMTP EHLO Buffer
Overrun.

If you select 'enable dependencies' and 'optimize the tests' you should be
able to quickly scan a network for vulnerable servers.

I don't think a ping or tcp ping is needed since this should do a quick
port 25 check, but if you suspect IMC's running on non-standard ports then
run the quick nmap scan or preload tcp ping with suspected ports.

--
Michael Scheidell
SECNAP Network Security, LLC
Sales: 866-SECNAPNET / (1-866-732-6276)
Main: 561-368-9561 / www.secnap.net
Looking for a career in Internet security
http://www.secnap.net/employment/
Re: smtp_ms02-037 IMC ehlo buffer overflow
On Mon, Jul 29, 2002 at 12:19:29AM -0400, Michael Scheidell wrote:
> Enclosed please find new plugin to check for Microsoft Exchange 5.5 IMC
> EHLO buffer overflow.
>
> This plugin does not check to see if it can do the buffer overflow, but
> relies on smtp banner version to determine vulnerability.

However it will yell at anything non-Microsoft. Also, on single lines,
it's better to use ereg() than egrep().

Attached is a "fixed" version.


-- Renaud
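
An added example, not the plugin attached to either message: a banner-only check in Python (standing in for NASL) that first gates on the IMC vendor string, so non-Microsoft servers are never flagged, and then compares the build numerically, so newer builds are not flagged. The banner shape, the function names and the fixed-build value are assumptions; the build is a labelled placeholder because the thread does not state it.

```python
import re

# Assumed greeting shape for the Exchange Internet Mail Service (IMC).
# The pattern is anchored and applied to one line, as ereg() would be.
IMC_BANNER = re.compile(
    r"^220[ -].*Microsoft Exchange Internet Mail Service (\d+(?:\.\d+){1,3})"
)

# PLACEHOLDER, not a real build number: first build carrying the MS02-037 fix.
# Take the actual value from the vendor bulletin before using this check.
FIXED_BUILD_PLACEHOLDER = (5, 5, 9999, 0)


def parse_version(text):
    """Turn '5.5.2653.13' into (5, 5, 2653, 13), padded to four fields."""
    parts = [int(p) for p in text.split(".")]
    return tuple(parts + [0] * (4 - len(parts)))


def classify_banner(banner, fixed=FIXED_BUILD_PLACEHOLDER):
    """Return 'not-imc', 'not-flagged' or 'flag' for an SMTP greeting."""
    lines = banner.splitlines()
    first = lines[0] if lines else ""
    match = IMC_BANNER.match(first)
    if match is None:
        # Vendor gate: anything that is not an IMC banner is out of scope.
        return "not-imc"
    # Tuple comparison is numeric per field, so build 10000 sorts after 9999
    # (a plain string comparison would get that wrong).
    if parse_version(match.group(1)) < fixed:
        return "flag"
    return "not-flagged"


if __name__ == "__main__":
    # Constructed sample banners, not captured from real hosts.
    samples = [
        "220 mail.example.test ESMTP Server (Microsoft Exchange Internet "
        "Mail Service 5.5.2653.13) ready",
        "220 mail.example.test ESMTP Server (Microsoft Exchange Internet "
        "Mail Service 5.5.10000.1) ready",
        "220 mail.example.test ESMTP Postfix",
        "",
    ]
    for banner in samples:
        print(classify_banner(banner), "<-", repr(banner))
```

As the first message notes for the original plugin, a result here reflects only what the banner claims; it does not test the overflow itself.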