Synopsis
The remote host contains a data synchronization program that is affected by a remote denial of service attack.
Description
The remote service (probably ActiveSync) could be crashed by sending it a malformed packet advertising a wrong content-length.
An attacker may use this flaw to disable this service remotely. It is not clear at this time if this vulnerability can be used to execute arbitrary code on this host, although it is a possibility.
Solution
There is no known solution at this time.
Plugin Details
File Name: active_sync_overflow.nasl
Agent: windows
Supported Sensors: Nessus
Vulnerability Information
Exploit Ease: Exploits are available
Reference Information
BID: 7150