Outlook Express NNTP LIST Command Remote Overflow
Medium Nessus Network Monitor Plugin ID 3013
SynopsisThe remote host is vulnerable to a buffer overflow.
DescriptionThe remote host is running Outlook Express. This version of Outlook Express is vulnerable to a buffer overflow when malformed NNTP responses are parsed by versions of msoe.dll prior to 6.00.2800.1506. An attacker exploiting this flaw would need to host a malicious NNTP server and be able to convince a local Outlook user to connect to the NNTP server. Successful exploitation would result in arbitrary code being executed on the machine running Outlook Express.
SolutionUpgrade or patch according to vendor recommendations.