Microsoft Windows SMTP Service Malformed BDAT Request Remote DoS

Medium Nessus Plugin ID 10885


The remote SMTP server is affected by a denial of service vulnerability.


It is possible to make the remote SMTP server fail and restart by sending specially crafted 'BDAT' requests.

The service will restart automatically, but all the connections established at the time of the attack will be dropped.

An attacker may use this flaw to make mail delivery to your site less efficient.


Apply the patch referenced above.

See Also

Plugin Details

Severity: Medium

ID: 10885

File Name: mssmtp_dos.nasl

Version: $Revision: 1.32 $

Type: remote

Published: 2002/03/08

Modified: 2017/08/30

Dependencies: 10263

Risk Information

Risk Factor: Medium


Base Score: 5

Temporal Score: 4.1

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Temporal Vector: CVSS2#E:F/RL:OF/RC:C

Vulnerability Information

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 2002/03/06

Reference Information

CVE: CVE-2002-0055

BID: 4204

OSVDB: 732

MSFT: MS02-012

MSKB: 313450