Trend Micro InterScan 3.32 SMTP HELO Command Remote Overflow DoS

medium Nessus Plugin ID 10353

Synopsis

The remote MTA is vulnerable to a denial of service attack.

Description

It was possible to perform a denial of service against the remote Interscan SMTP server by sending it a special long HELO command.

This problem allows an attacker to prevent your Interscan SMTP server from handling requests.

Solution

Contact your vendor for a patch.

Plugin Details

Severity: Medium

ID: 10353

File Name: interscan_dos.nasl

Version: 1.35

Type: remote

Family: SMTP problems

Published: 4/17/2000

Updated: 7/12/2018

Configuration: Enable paranoid mode

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 3.9

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Information

Required KB Items: Settings/ParanoidReport

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 11/8/1999

Reference Information

CVE: CVE-1999-1529

BID: 787

Detections

Analytics