On Dec 3, 2008, at 9:36 PM, Guillermo Trillo wrote: > I would like to know why I am getting this vulnerability "Exchange > XEXCH50 Remote Buffer Overflow" on a Windows Server 2003 and an > Exchange Server 2003. > > > My understanding was that this vulnerability was applicable only to > Exchange Server 5.5 or 2000.
MS03-046 says that their patch now requires authenticated connections between Exchange servers in order to use an extended SMTP command such as XEXCH50, yet the plugin seems to have been able to use it without supplying any credentials. To better diagnose the issue then, would you mind re-running the plugin and sending me privately the traffic from the Exchange server(s) flagged as vulnerable? You can do this by setting "debug" to 1 in the plugin (eg, "debug=1;") and running the plugin from the commandline using nasl or taking a packet capture while doing a scan. Thanks in advance, George -- [EMAIL PROTECTED] _______________________________________________ Nessus mailing list [email protected] http://mail.nessus.org/mailman/listinfo/nessus
