Win2K becomes a spam relay
SMTP authentication out of control
Posted in Software, 6th July 2001 08:11 GMT
Understand how application security is evolving
A flaw in the Win-2K SMTP (Simple Mail Transfer Protocol) authentication scheme allows unauthorized users to access the system using bogus credentials and bounce spam and death threats off unwitting users' machines with impunity.
"An attacker who exploited the vulnerability could gain user-level privileges on the SMTP service, thereby enabling the attacker to use the service but not to administer it. The most likely purpose in exploiting the vulnerability would be to perform mail relaying via the server," an MS security bulletin explains.
SMTP service is installed by default on Win2K server, and can be enabled by choice on Win-2K Pro. The vulnerability affects only stand-alone machines. W2K machines configured as domain members are not affected. The SMTP services in NT 4.0, Exchange 5.5 and Exchange 2K are also not affected.
Technical details are quite sketchy at the moment, but MS says they will post additional information by way of Knowledge Base article Q302755 within 24 hours. It was not available at press time. ®


Solving on-premise email challenges with on-demand services
The business case for application security
Airport insecurity: the case of lost laptops
The best practices guide for application security
Impact of the dramatic increase in devices on the cost to support
Google code cloud punts on-demand embarrassment
Microsoft weighs next-phase in open-source support
iTunes minus the player: hack your Apple beats
Oracle plans cloud strategy