Detections
Analytics
Microsoft SMTP DNS Lookup Overflow (885881)
critical Nessus Network Monitor Plugin ID 2358
Synopsis
The remote host is vulnerable to a buffer overflow.Description
The remote host is running a version of Microsoft SMTP server that is vulnerable to a buffer overflow issue.An attacker may exploit this flaw to execute arbitrary commands on the remote host with the privileges of the SMTP server process.
Solution
http://www.microsoft.com/technet/security/bulletin/MS04-035.mspxSee Also
http://www.microsoft.com/technet/security/bulletin/MS04-035.mspx
Plugin Details
Severity: Critical
ID: 2358
Family: SMTP Servers
Published: 10/12/2004
Updated: 3/6/2019
Nessus ID: 15464
Risk Information
VPR
Risk Factor: Medium
Score: 5.9
CVSS v2
Risk Factor: Critical
Base Score: 10
Temporal Score: 7.4
Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C
CVSS v3
Risk Factor: Critical
Base Score: 9.8
Temporal Score: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C
Vulnerability Information
CPE: cpe:/o:microsoft:exchange_server
Reference Information
CVE: CVE-2004-0840
BID: 11374