Re: Possible Exchange 5.5 Server DoS

Type securityvulns
Reporter Securityvulns
Modified 2000-09-14T00:00:00


Hello Christer Enberg,

12.09.2000 10:30, you wrote: Possible Exchange 5.5 Server DoS; C> queues and then restart exchange.

C> It seems that the attachment line is the problem, by removing the attachment C> and sending the mail nothing happens.

The problem is probably in Content-Type: field

Content-Type: multipart/mixed; boundary = ""

As you can see boundary (delimeter between MIME parts) is declared empty.

It seems Exchange crashes then it tries to locate end of the part (every part must begin with "--" + boundary and end with boundary.