Microsoft Windows SMTP Server MX Record Denial Of Service Vulnerability Network Vulnerability

Summary

The Microsoft Windows Simple Mail Transfer Protocol (SMTP) Server is prone to a denial-of-service vulnerability and to to an information-disclosure vulnerability. Successful exploits of the denial-of-service vulnerability will cause the affected SMTP server to stop responding, denying service to legitimate users. Attackers can exploit the information-disclosure issue to gain access to sensitive information. Any information obtained may lead to further attacks.

Solution

Microsoft released fixes to address this issue. Please see the references for more information.

References

http://support.avaya.com/css/P8/documents/100079218
http://www.microsoft.com
http://www.microsoft.com/technet/security/Bulletin/MS10-024.mspx
http://www.securityfocus.com/bid/39308
http://www.securityfocus.com/bid/39381

Updated on 2015-03-25

Severity

Classification

CVE CVE-2010-0024, CVE-2010-0025
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

Multiple Kerio Products Administration Console File Disclosure and Corruption Vulnerability
MailEnable SMTP HELO Command Denial of Service Vulnerability
Postfix SMTP Server Cyrus SASL Support Memory Corruption Vulnerability
MailEnable 'MESMTRPC.exe' SMTP Service Multiple Remote Denial of Service Vulnerabilities
Sendmail mail.local DOS

Microsoft Windows SMTP Server MX Record Denial of Service Vulnerability

Take action and discover your vulnerabilities