Advanced
Mailing List Archive

Mailing List Archive

  1. Home >
  2. Nessus>
  3. users
Exchange XEXCH50 Remote Buffer Overflow
gmtrillo at gmail
Dec 3, 2008, 6:36 PM
Post #1 of 2 (2031 views)
Permalink
Hello,
I would like to know why I am getting this vulnerability "Exchange XEXCH50
Remote Buffer Overflow" on a Windows Server 2003 and an Exchange Server
2003.

My understanding was that this vulnerability was applicable only to Exchange
Server 5.5 or 2000.

I will appreciate your help to this question.

Regards,
Guillermo
Re: Exchange XEXCH50 Remote Buffer Overflow [ In reply to ]
theall at tenablesecurity
Dec 4, 2008, 8:23 AM
Post #2 of 2 (1916 views)
Permalink
On Dec 3, 2008, at 9:36 PM, Guillermo Trillo wrote:
> I would like to know why I am getting this vulnerability "Exchange
> XEXCH50 Remote Buffer Overflow" on a Windows Server 2003 and an
> Exchange Server 2003.
>
>
> My understanding was that this vulnerability was applicable only to
> Exchange Server 5.5 or 2000.

MS03-046 says that their patch now requires authenticated connections
between Exchange servers in order to use an extended SMTP command such
as XEXCH50, yet the plugin seems to have been able to use it without
supplying any credentials.

To better diagnose the issue then, would you mind re-running the
plugin and sending me privately the traffic from the Exchange
server(s) flagged as vulnerable? You can do this by setting "debug" to
1 in the plugin (eg, "debug=1;") and running the plugin from the
commandline using nasl or taking a packet capture while doing a scan.
Thanks in advance,

George
--
theall@tenablesecurity.com



_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus

©2024 GT.net. A Gossamer Threads company.
5th Floor, 455 Granville St., Vancouver, BC V6C 1T1, Canada | Legal