Microsoft Windows SMTP Service NTLM Null Session Authorization Bypass (uncredentialed check)

medium Nessus Plugin ID 11308

Synopsis

The remote SMTP server is affected by an authorization bypass vulnerability.

Description

It is possible to authenticate to the remote SMTP service by logging in with a NULL session.

An attacker may exploit this flaw to use your SMTP server as a spam relay.

Solution

Microsoft has released patches for Windows NT and 2000 as well as Exchange Server 5.5.

See Also

https://docs.microsoft.com/en-us/security-updates/SecurityBulletins/2002/ms02-011

Plugin Details

Severity: Medium

ID: 11308

File Name: mssmtp_null_auth.nasl

Version: 1.29

Type: remote

Published: 3/2/2003

Updated: 11/15/2018

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.3

CVSS v2

Risk Factor: Medium

Base Score: 6.4

Temporal Score: 4.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:P

Vulnerability Information

Exploit Ease: No known exploits are available

Vulnerability Publication Date: 4/9/2004

Reference Information

CVE: CVE-2002-0054

BID: 4205

MSFT: MS02-011

MSKB: 289258, 313450