Recently had a penetration test which exposed some vulnerabilities.Microsoft IIs malformed HTTP HOST header field denial of serviceHTTP banner exposureSMTP Mail forgery VulnerabilitySSL server allowing weak cipher SSL version 2My server is a SBS server 2003 running exchange.... Patches are current.I searched support with no luck finding resolutions to these issuesAny suggestions?

SSL v2 has been known to be insecure. You can use v3 only. See here. Mike Crowley: MCT, MCSE, MCTS, MCITP: Enterprise Administrator / Messaging Administrator