Detections
Analytics
MS10-024: Vulnerabilities in Microsoft Exchange and Windows SMTP Service Could Allow Denial of Service (981832)
medium Nessus Plugin ID 45511
Language:
Synopsis
The remote mail server may be affected by multiple vulnerabilities.Description
The installed version of Microsoft Exchange / Windows SMTP Service is affected by at least one vulnerability :- Incorrect parsing of DNS Mail Exchanger (MX) resource records could cause the Windows Simple Mail Transfer Protocol (SMTP) component to stop responding until the service is restarted. (CVE-2010-0024)
- Improper allocation of memory for interpreting SMTP command responses may allow an attacker to read random email message fragments stored on the affected server.
(CVE-2010-0025)
- Predictable transaction IDs are used, which could allow a man-in-the-middle attacker to spoof DNS responses.
(CVE-2010-1689)
- There is no verification that the transaction ID of a response matches the transaction ID of a query, which could allow a man-in-the-middle attacker to spoof DNS responses. (CVE-2010-1690)
Solution
Microsoft has released a set of patches for Windows 2000, XP, 2003, and 2008 as well as Exchange Server 2000, 2003, 2007, and 2010.See Also
Plugin Details
Severity: Medium
ID: 45511
File Name: smb_nt_ms10-024.nasl
Version: 1.28
Type: local
Agent: windows
Family: Windows : Microsoft Bulletins
Published: 4/13/2010
Updated: 8/5/2020
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 5.7
CVSS v2
Risk Factor: Medium
Base Score: 6.4
Temporal Score: 5.3
Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:P
Vulnerability Information
CPE: cpe:/o:microsoft:windows
Required KB Items: SMB/MS_Bulletin_Checks/Possible
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 4/13/2010
Vulnerability Publication Date: 4/13/2010
Exploitable With
Core Impact
Reference Information
CVE: CVE-2010-0024, CVE-2010-0025, CVE-2010-1689, CVE-2010-1690