MTS Professional < 220.127.116.11 SMTP Open Relay
Medium Nessus Network Monitor Plugin ID 3448
SynopsisThe remote SMTP server can be tricked into relaying email, regardless of its relay configuration.
DescriptionThe remote host is running the MTS Professional SMTP server. This version of MTS is vulnerable to a flaw in the way that it handles malformed 'MAIL FROM:' headers. An attacker exploiting this flaw would send malformed 'MAIL FROM:' directives to the server. Successful exploitation would result in the attacker being able to relay traffic through the host.
SolutionUpgrade to version 18.104.22.168 or higher.