| Source | Link |
|---|---|
| nessus | www.nessus.org/u |
| nessus | www.nessus.org/u |
#
# (C) Tenable Network Security, Inc.
#
include("compat.inc");
if (description)
{
script_id(92840);
script_version("1.6");
script_set_attribute(attribute:"plugin_modification_date", value:"2026/03/27");
script_xref(name:"IAVA", value:"0001-A-0600");
script_name(english:"Symantec Mail Security for Microsoft Exchange Unsupported Version Detection");
script_summary(english:"Checks the version of Symantec Mail Security for Microsoft Exchange.");
script_set_attribute(attribute:"synopsis", value:
"A mail anti-virus application installed on the remote host is no
longer supported.");
script_set_attribute(attribute:"description", value:
"According to its self-reported version number, the installation of
Symantec Mail Security for Microsoft Exchange on the remote host is no
longer supported.
Lack of support implies that no new security patches for the product
will be released by the vendor. As a result, it is likely to contain
security vulnerabilities.");
# https://www.symantec.com/products/mail-security-exchange
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?3ce907c6");
# https://knowledge.broadcom.com/external/article/248055/endoflife-for-select-symantec-products-c.html#mcetoc_1guvp136onb
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?9ccf27c0");
script_set_attribute(attribute:"solution", value:
"There is no replacement product available for customers who wish to
remain on-prem. However, Microsoft Exchange 2019 reaches End of Life
January 1, 2024. SMSMSE will not support future versions of Exchange
(beyond Exchange 2019).");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H");
script_set_attribute(attribute:"cvss_score_source", value:"manual");
script_set_attribute(attribute:"cvss_score_rationale", value:"Tenable score for unsupported software");
script_set_attribute(attribute:"plugin_publication_date", value:"2016/08/10");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/a:symantec:mail_security");
script_set_attribute(attribute:"unsupported_by_vendor", value:"true");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Windows");
script_copyright(english:"This script is Copyright (C) 2016-2026 Tenable Network Security, Inc.");
script_dependencies("sms_for_msexchange.nasl");
script_require_keys("Symantec_Mail_Security/Installed");
script_require_ports(139, 445);
exit(0);
}
get_kb_item_or_exit("SMB/SMS_Exchange/Installed");
var app_name = "Symantec Mail Security for Microsoft Exchange";
var install_path = get_kb_item_or_exit('SMB/SMS_Exchange/Path');
var version = get_kb_item_or_exit('SMB/SMS_Exchange/Version');
var port = get_kb_item('SMB/transport');
if (!port) port = 445;
var report;
if (version)
{
register_unsupported_product(product_name:"Symantec Mail Security for Microsoft Exchange",
cpe_base:"symantec:mail_security", version:version);
report = '\n Path : ' + install_path +
'\n Installed version : ' + version +
'\n Supported versions : ' + 'This product is End of Life' +
'\n EOL date : ' + 'December 31, 2024' +
'\n EOL URL : ' + 'https://knowledge.broadcom.com/external/article/248055/endoflife-for-select-symantec-products-c.html#mcetoc_1guvp136onb' +
'\n';
security_report_v4(severity:SECURITY_HOLE, port:port, extra:report);
exit(0);
}
audit(AUDIT_INST_PATH_NOT_VULN, app_name, version, install_path);
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation