Re: Possible Exchange 5.5 Server DoS

2000-09-14T00:00:00
ID SECURITYVULNS:DOC:683
Type securityvulns
Reporter Securityvulns
Modified 2000-09-14T00:00:00

Description

Hello Christer Enberg,

12.09.2000 10:30, you wrote: Possible Exchange 5.5 Server DoS; C> queues and then restart exchange.

C> It seems that the attachment line is the problem, by removing the attachment C> and sending the mail nothing happens.

The problem is probably in Content-Type: field

Content-Type: multipart/mixed; boundary = ""

As you can see boundary (delimeter between MIME parts) is declared empty.

It seems Exchange crashes then it tries to locate end of the part (every part must begin with "--" + boundary and end with boundary.

/3APA3A