SynopsisThe remote mail server may be affected by multiple vulnerabilities.
DescriptionThe installed version of Microsoft Exchange / Windows SMTP Service is affected by at least one vulnerability :
- Incorrect parsing of DNS Mail Exchanger (MX) resource records could cause the Windows Simple Mail Transfer Protocol (SMTP) component to stop responding until the service is restarted. (CVE-2010-0024)
- Improper allocation of memory for interpreting SMTP command responses may allow an attacker to read random email message fragments stored on the affected server.
SolutionMicrosoft has released a set of patches for Windows 2000, XP, 2003, and 2008 as well as Exchange Server 2000, 2003, 2007, and 2010.