Have you ever telnet’d to an MS Exchange server and wondered what Service Pack or Release version it was? I know I have. It can be a good way to double check what Nessus or another VA tool told you was a vulnerable version. CDOLive has a nice table that matches Version, Service Pack and release date for Exchange versions since 4.0. So the next time you see thison port 25:
220 mydomain.com Microsoft ESMTP MAIL Service, Version: 6.5.7226.6 ready at
Wed, 30 Aug 2006 16:11:32 -0400
you can tell that it is at least MS Exchange 2003 with Service Pack 1 installed. They don’t seem to cover the Small Business Server versions of Exchange. My SBS 2003 returns a version string of 6.0.3790.1830, which is not listed. They also don’t cover the myriad of hotfixes / updates that change a build number. Still a good reference though as a place to start.
Outlook build numbers are listed there as well.
–Chris
Leave a Reply