Reported May 29, 2002, by Microsoft.
· Microsoft Exchange 2000 Server
A Denial of Service (DoS) condition
exists in Exchange 2000. This vulnerability stems from a problem in the way
Exchange 2000 handles certain malformed Request for Comments (RFC) message
attributes on received mail. An attacker can use these malformed messages to
cause the Store service to consume 100 percent of CPU resources until the mail
message is processed. Because the Exchange server still would have to process
the malformed message, rebooting the server or restarting the service would
have no effect on reducing the amount of consumed CPU resources.