Microsoft Windows 2000 SMTP service allows mail relaying
win2k-smtp-mail-relay (6803)
Description:
The SMTP service in Microsoft Windows 2000 could allow a remote attacker to relay mail through the system because of a vulnerability in the authentication process. A remote attacker can authenticate to the service using false credentials and gain SMTP service privileges; these privileges only allow the attacker to use the service. By default, the SMTP service is installed on Windows 2000 Server.
Consequences:
Bypass Security
Remedy:
Apply the patch for this vulnerability, as listed in Microsoft Security Bulletin MS02-001. See References.
Note: Microsoft originally provided a patch for this vulnerability in MS01-037, but it has been superseded by the patch released with MS02-001. See References.
References:
- CIAC Information Bulletin L-107: Microsoft Authentication Error in SMTP Service.
- Microsoft Security Bulletin MS01-037: Authentication Error in SMTP Service Could Allow Mail Relaying.
- Microsoft Security Bulletin MS02-001: Trusting Domains Do Not Verify Domain Membership of SIDs in Authorization Data.
- BID-2988: Microsoft Windows 2000 SMTP Improper Authentication Vulnerability
- CVE-1999-0512: A mail server is explicitly configured to allow SMTP mail relay, which allows abuse by spammers.
- CVE-2001-0504: Vulnerability in authentication process for SMTP service in Microsoft Windows 2000 allows remote attackers to use incorrect credentials to gain privileges and conduct activities such as mail relaying.
- US-CERT VU#435963: Microsoft Windows 2000 SMTP service fails to properly authenticate credentials of unauthorized user (MS01-037)
Platforms Affected:
- Microsoft Windows 2000
Reported:
Jul 05, 2001
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
For corrections or additions please email xforce@iss.net
