COMMAND

    SMTP service

SYSTEMS AFFECTED

    Win2k

PROBLEM

    The following is based on  Microsoft Security  Bulletin MS01-037.
    An SMTP service installs by default as part of Windows 2000 server
    products, and  can be  selected for  installation on  Windows 2000
    Professional.  A  vulnerability results because  of a flaw  in the
    authentication process  used by  the service.   The  vulnerability
    could allow an unauthorized  user to successfully authenticate  to
    the service using incorrect credentials.

    An attacker who exploited the vulnerability could gain  user-level
    privileges on the SMTP  service, thereby enabling the  attacker to
    use  the  service  but  not  to  administer  it.   The most likely
    purpose in exploiting the  vulnerability would be to  perform mail
    relaying via the server.

    Mitigating Factors:
    - Exchange servers  -- even when  run on Windows  2000 -- are  not
      affected by this vulnerability.
    - Best practices  recommend disabling unneeded  services.  If  the
      SMTP service has been  disabled, the vulnerability could  not be
      exploited.
    - The vulnerability only affects stand-alone machines, not  domain
      members.
    - Proper  firewalling  could  prevent  Internet-based  attacks  by
      blocking port  25 on  servers that  do not  specifically need to
      accept SMTP traffic.

    Acknowledgment goes to Joao Gouveia.

SOLUTION

    A  patch  is  available  to  fix  this vulnerability.  Please read
    the Security Bulletin

        http://www.microsoft.com/technet/security/bulletin/ms01-037.asp

    for information on obtaining this patch.