Used Microsoft Exchange Server 5.5 Authentication Flaw Could Allow Unauthorized Users To Authenticate To SMTP Service for Windows? Share your experience and help other users.
Key Details of Microsoft Exchange Server 5.5 Authentication Flaw Could Allow Unauthorized Users To Authenticate To SMTP Service
- Security patch
- Last updated on
- There have been 9 updates
- Virus scan status:
Clean (it’s extremely likely that this software program is clean)
Developer’s Description
By design, the Windows 2000 SMTP service and the Exchange Server 5.5 IMC, upon receiving notification from the NTLM authentication layer that a user has been authenticated, should perform additional checks before granting the user access to the service. The vulnerability results because the affected services don't perform this additional checking correctly. In some cases, this could result in the SMTP service granting access to a user solely on the basis of their ability to successfully authenticate to the server.
An attacker who exploited the vulnerability could gain only user-level privileges on the SMTP service, thereby enabling the attacker to use the service but not to administer it. The most likely purpose in exploiting the vulnerability would be to perform mail relaying via the server.
Used Microsoft Exchange Server 5.5 Authentication Flaw Could Allow Unauthorized Users To Authenticate To SMTP Service for Windows? Share your experience and help other users.
Explore More
DELL U2 in DFU - CSR Driver
FreeRegistry Toolkit
Trial version
QSU Lite
FreeWideView.zip
FreeSSHourMeter
Trial versionSoftV90 Data Fax Modem with SmartCP
Free9532204.exe
FreeLSI Logic (formerly AMI) PERC3/DCL, PERC3/DC, PERC3/QC, PERC3/SC, v.5.39, A09
FreeBroadcom NetXtreme Family of Adapters , v.7.100, A00-7.7
FreeKensington HID Optical Wireless
FreeSerial ATA:Adaptec CERC SATA 2s
FreeEnglish-Russian-English Extended dictionary for Palm OS (with sound module)
Paid
