Microsoft Windows SMTP Service Malformed BDAT Request Remote DoS

This script is Copyright (C) 2002-2013 Tenable Network Security, Inc.


Synopsis :

The remote SMTP server is affected by a denial of service
vulnerability.

Description :

It is possible to make the remote SMTP server fail and restart by
sending specially crafted 'BDAT' requests.

The service will restart automatically, but all the connections
established at the time of the attack will be dropped.

An attacker may use this flaw to make mail delivery to your site
less efficient.

See also :

http://technet.microsoft.com/en-us/security/bulletin/ms02-012
http://marc.info/?l=bugtraq&m=101558498401274&w=2
http://www.nessus.org/u?ee067e2c

Solution :

Apply the patch referenced above.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)
CVSS Temporal Score : 4.1
(CVSS2#E:F/RL:OF/RC:C)
Public Exploit Available : true

Family: SMTP problems

Nessus Plugin ID: 10885 ()

Bugtraq ID: 4204

CVE ID: CVE-2002-0055