Microsoft Exchange EHLO Long Hostname Overflow

2002-07-24T00:00:00
ID OSVDB:852
Type osvdb
Reporter Dan Ingevaldson(sales@iss.net)
Modified 2002-07-24T00:00:00

Description

Vulnerability Description

A remote overflow exists in Exchange. The Internet Mail Connector fails to validate input received from a reverse DNS lookup request resulting in a buffer overflow. With an EHLO command and a specially crafted DNS response, an attacker can cause arbitrary code execution resulting in a loss of integrity.

Solution Description

Currently, there are no known workarounds or upgrades to correct this issue. However, Microsoft has released a patch to address this vulnerability.

Short Description

A remote overflow exists in Exchange. The Internet Mail Connector fails to validate input received from a reverse DNS lookup request resulting in a buffer overflow. With an EHLO command and a specially crafted DNS response, an attacker can cause arbitrary code execution resulting in a loss of integrity.

References:

Other Advisory URL: http://bvlive01.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=20759 Nessus Plugin ID:11053 Microsoft Security Bulletin: MS02-037 ISS X-Force ID: 9658 CVE-2002-0698 CIAC Advisory: m-100 Bugtraq ID: 5306