SecureScoutLogo.jpg
Exchange NNTP DoS



Go to Vulnerabilities List

General Info

TC: 11200
Description: Exchange NNTP is vulnerable to a DoS attack.
TC Impact: Gather Info
Service: nntp


Specific Operations and Actions:

Vulnerability Publication: July 24, 1998
Advisory Copyright: Microsoft
Summary: An attacker can remotely disrupt the Microsoft Exchange server (mail and news services).
Risk: Medium
CVSS 2.0 metrics: Access Vector: Network
Access Complexity: Low
Authentication: None
Confidentiality Impact: None
Integrity Impact: None
Availability Impact: Partial
CVSS 2.0 Base Score: 5.0
Vulnerability Impact: Denial of Service
Host Impact: Denial of Microsoft Exchange services.
Nature of Remediation: Update the software.
Step required to fix the reported vulnerability:

***** Solution type: Undefined *****

Microsoft recommends installing Microsoft Exchange version 5.5 and Service Pack 1 or later.


Glossary and References :

References:
Microsoft Security Bulletin : http://www.microsoft.com/technet/security/bulletin/MS98-007.asp
See the Q188369 article at http://support.microsoft.com/support/kb/articles/q188/3/69.asp

CVE Link: CVE-1999-1043
 CVE Compatible

Glossary: Denial of Service
NNTP

© 2003-2010 NexantiS Corporation (www.securescout.com)
SecureScout is a trademark of NexantiS
All Rights Reserved
All products names referenced herein are trademarks of their respective companies

SecureScout products are certified:
CVE Compatible
SANS TOP 20 Compatible
CVSS Compatible (Common Vulnerability Scoring System)