漏洞类别:Mail services
漏洞等级: 
漏洞信息
ENGLISHMANSDENTIST is an exploit from the recent Shadow Brokers leak. This zero day exploit is remotely exploitable using SMTP.
This information comes from the Shadow Brokers' "Equation Group" data dump.
This Zero Day is actively being exploited with the "ENGLISHMANSDENTIST" exploit.
Affected Versions:
1) MS Exchange 2000 - End of life since April 11, 2017
2) MS Exchange 2003 - End of life since April 8, 2014
3) MS Exchange 2007 - End of life since January 11, 2011
QID Detection Logic:
This QID looks for the start value of the SMTP registry key HKLM\SYSTEM\CurrentControlSet\Services\SMTPSvc and is posted if these keys are found on the following MS Exchange Versions:
1) MS Exchange 2000
2) MS Exchange 2003
3) MS Exchange 2007
漏洞危害
Successful exploitation of the vulnerability will allow remote attackers to trigger executable code on client and then send email to user.
解决方案
Customers are advised to upgrade to supported versions of Microsoft Exchange from the Microsoft Download Center.
All the affected versions of MS Exchange are End of Life and Microsoft provides no support:
1) MS Exchange 2000 - End of life since April 11, 2017
2) MS Exchange 2003 - End of life since April 8, 2014
3) MS Exchange 2007 - End of life since January 11, 2011
0day
文章评论