Microsoft Windows SMTP Service NTLM Null Session Authorization Bypass (uncredentialed check)

Medium Nessus Plugin ID 11308


The remote SMTP server is affected by an authorization bypass vulnerability.


It is possible to authenticate to the remote SMTP service by logging in with a NULL session.

An attacker may exploit this flaw to use your SMTP server as a spam relay.


Microsoft has released patches for Windows NT and 2000 as well as Exchange Server 5.5.

Plugin Details

Severity: Medium

ID: 11308

File Name: mssmtp_null_auth.nasl

Version: $Revision: 1.27 $

Type: remote

Published: 2003/03/02

Modified: 2017/08/30

Dependencies: 10263

Risk Information

Risk Factor: Medium


Base Score: 6.4

Temporal Score: 4.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:P

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

Vulnerability Information

Exploit Available: false

Exploit Ease: No known exploits are available

Vulnerability Publication Date: 2004/04/09

Reference Information

CVE: CVE-2002-0054

BID: 4205

OSVDB: 5390, 10247

MSFT: MS02-011

MSKB: 289258, 313450