Follow:

Vulnerability:Win/SMTP.Exchange.DoS!CAN-2002-0368

Severity rating
Critical

Class/Type
Vulnerability

Discovered date
2002-05-29T00:00:00

Attack vector
Remote

Authentication required
No

Public exploits available
Yes

Signature detection
Medium



On this page




Description

A security vulnerability results because it is possible for an attacker to seek to exploit this flaw and mount a denial of service attack.



Impact

An attacker could attempt to levy an attack by connecting directly to the Exchange server and passing a raw, hand-crafted mail message with a specially malformed attribute. When the message was received and processed by the Store service, the CPU would spike to 100%. The effects of the attack would last as long as it took for the Exchange Store service to process the message. Neither restarting the service nor rebooting the server would remedy the denial of service.



Technical details (analysis)

To support the exchange of mail with heterogeneous systems, Exchange messages use the attributes of SMTP mail messages that are specified by RFC's 821 and 822. There is a flaw in the way Exchange 2000 handles certain malformed RFC message attributes on received mail. Upon receiving a message containing such a malformation, the flaw causes the Store service to consume 100% of the available CPU in processing the message.



Affected software

Microsoft Exchange 2000



Non-affected software

All those not on the affected list.



References




Solutions




NIS signature

Name: Vulnerability:Win/SMTP.Exchange.DoS!CAN-2002-0368
Release Date: 2002-05-29T00:00:00



Known false positives

No known false positives at this time.



Work-arounds

No work-arounds at this time.