Microsoft Exchange Malformed Mail Attribute DoS

2002-05-29T00:00:00
ID OSVDB:863
Type osvdb
Reporter Computing Center, Johannes Gutenberg University()
Modified 2002-05-29T00:00:00

Description

Vulnerability Description

Exchange contains a flaw that may allow a remote denial of service. The issue is triggered when an attacker sends a specially crafted email message containing invalid SMTP headers which will cause the server to consume all available CPU resources, and will result in loss of availability for the platform.

Solution Description

Currently, there are no known workarounds or upgrades to correct this issue. However, Microsoft has released a patch to address this vulnerability.

Short Description

Exchange contains a flaw that may allow a remote denial of service. The issue is triggered when an attacker sends a specially crafted email message containing invalid SMTP headers which will cause the server to consume all available CPU resources, and will result in loss of availability for the platform.

References:

Microsoft Security Bulletin: ms02-025 ISS X-Force ID: 9195 CVE-2002-0368 CERT VU: 779163 Bugtraq ID: 4881