oval:org.mitre.oval:def:4032

Definition Id: oval:org.mitre.oval:def:4032

Oval ID:	oval:org.mitre.oval:def:4032
Title:	Exchange Server SMTP Buffer Overflow
Description:	Heap-based buffer overflow in the SvrAppendReceivedChunk function in xlsasink.dll in the SMTP service of Exchange Server 2000 and 2003 allows remote attackers to execute arbitrary code via a crafted X-LINK2STATE extended verb request to the SMTP port.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2005-0560	Version:	1
Platform(s):	Microsoft Windows 2000 Microsoft Windows Server 2003	Product(s):	Microsoft Exchange Server
Definition Synopsis:
Exchange Server 2003 is installed AND the version of xlsasink.dll is less than 6.5.6981.3 AND NOT the patch KB894549 is installed