Hello All, For plugin 10723, could the following text be struck out or moved to a different plugin? It has nothing to do w/ the general null binding for LDAP. <text> In addition, the LDAP bind function in Exchange 5.5 has a buffer overflow that allows a user to conduct a denial of service or execute commands in all versions prior to Exchange server SP2. Coupled with a NULL BIND, an anonymous user can mount a remote attack against your server. Note: no test was done to see what version of Exchange server is running, nor attempt to verify the service pack. Solution: see http://www.microsoft.com/technet/security/bulletin/ms99-009.mspx Risk factor: Medium </text> Thanks, Jon __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com _______________________________________________ Plugins-writers mailing list Plugins-writers@private http://mail.nessus.org/mailman/listinfo/plugins-writers
This archive was generated by hypermail 2.1.3 : Thu Feb 17 2005 - 10:32:59 PST