Microsoft Windows SMTP Service Malformed BDAT Request DoS

2002-03-06T00:00:00
ID OSVDB:732
Type osvdb
Reporter OSVDB
Modified 2002-03-06T00:00:00

Description

Vulnerability Description

Microsoft Windows SMTP service contains a flaw that may allow a remote attacker to cause a denial of service. The issue is due to the server not properly handling data transfer (BDAT) requests. By sending a malformed BDAT request, an attacker can potentially crash the server.

Short Description

Microsoft Windows SMTP service contains a flaw that may allow a remote attacker to cause a denial of service. The issue is due to the server not properly handling data transfer (BDAT) requests. By sending a malformed BDAT request, an attacker can potentially crash the server.

References:

OVAL ID: 30 Microsoft Security Bulletin: MS02-012 Mail List Post: http://marc.theaimsgroup.com/?l=bugtraq&m=101558498401274&w=2 ISS X-Force ID: 8307 Generic Exploit URL: http://www.digitaloffense.net/mssmtp/mssmtp_dos.pl CVE-2002-0055 Bugtraq ID: 4204