ASN.1 Multiple Integer Overflows (SMTP check)

critical Nessus Plugin ID 12065


The remote host has multiple integer overflow vulnerabilities.


The remote Windows host has an ASN.1 library with multiple integer overflow vulnerabilities. These issues could lead to a heap-based buffer overflow. A remote attacker could exploit these issues to execute arbitrary code.

This particular check sent a malformed SMTP authorization packet and determined that the remote host is not patched.


Microsoft has released a set of patches for Windows NT, 2000, XP, and 2003.

See Also

Plugin Details

Severity: Critical

ID: 12065

File Name: mail_asn1_decoding.nasl

Version: 1.40

Type: remote

Published: 2/18/2004

Updated: 11/15/2018

Supported Sensors: Nessus

Risk Information


Risk Factor: High

Score: 7.4


Risk Factor: Critical

Base Score: 10

Temporal Score: 8.3

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2/10/2004

Vulnerability Publication Date: 2/10/2004

Exploitable With


Core Impact

Metasploit (MS04-007 Microsoft ASN.1 Library Bitstring Heap Overflow)

Reference Information

CVE: CVE-2003-0818

BID: 9633, 9635, 9743, 13300

MSFT: MS04-007

MSKB: 828028