[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-disclosure] MS05-021 Workaround - Block Port 25/SMTP - HAHA!

To: Full-Disclosure <full-disclosure@xxxxxxxxxxxxxxxxx>
Subject: [Full-disclosure] MS05-021 Workaround - Block Port 25/SMTP - HAHA!
From: Danny <nocmonkey@xxxxxxxxx>
Date: Tue, 12 Apr 2005 15:48:38 -0400

Good to see that Microsoft has a great sense of humour, in regards
their recently announced Security Bulletin MS05-021 - Vulnerability in
Exchange Server Could Allow Remote Code Execution (894549).

Note one of the workarounds (if you don't have time to patch):

"Use a firewall to block the port that SMTP uses. Typically, that is port 25.

Impact of Workaround:

This workaround should only be used as a last resort to help protect
you from this vulnerability. This workaround may directly affect the
ability to communicate with external parties by e-mail."

And some people wonder why I insist that all of my Microsoft servers
are inaccessible from the Internet; egress and ingress.

...D
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Prev by Date: Re: [Full-disclosure] linux bugs (survival stories)?
Next by Date: Re: [Full-disclosure] linux bugs (survival stories)?
Previous by thread: [Full-disclosure] DMA[2005-0412a] - 'Widcomm BTW (Microsoft Windows BT stack) Directory Transversal'
Next by thread: [Full-disclosure] [ GLSA 200504-09 ] Axel: Vulnerability in HTTP redirection handling
Index(es):
- Date
- Thread