Exchange Server Subject to Denial of Service

Denial of Service in Exchange Server 5.x
Reported July 25, 1998 by Microsoft and ISS


  • Exchange Server 5.5
  • Exchange Server 5.0 (including 5.0 Service Pack 1 and 2)


When an intruder connects to an Exchange Server's SMTP or NNTP port and sends certain sequences of incorrect data, an application error may occur, causing either service to stop responding.

The problem is explained in Knowledge Base articles Q188341 and Q188369 as being related to buffer overflow conditions while parsing AUTHINFO commands.
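As an added illustration of the defensive pattern for this bug class (not Microsoft's code and not taken from the Knowledge Base articles), the following C routine parses an NNTP-style AUTHINFO line and checks every length before the one copy it performs. The function names, the 64-byte argument cap, and the USER/PASS subcommand set are assumptions made for the example; the 512-byte line limit is the NNTP command-line limit from RFC 977.

```c
#include <ctype.h>
#include <string.h>

#define MAX_LINE 512 /* NNTP command-line limit incl. CRLF (RFC 977) */
#define MAX_ARG  64  /* assumed local cap on a user name or password */

enum auth_kind { AUTH_BAD = -1, AUTH_USER, AUTH_PASS };

/* Match an upper-case keyword plus one space; returns bytes consumed or 0. */
static size_t match_kw(const char *s, size_t n, const char *kw)
{
    size_t k = strlen(kw);
    if (n <= k || s[k] != ' ')
        return 0;
    for (size_t i = 0; i < k; i++)
        if (toupper((unsigned char)s[i]) != kw[i])
            return 0;
    return k + 1;
}

/* Parse "AUTHINFO USER|PASS <arg>\r\n" from a length-delimited buffer.
 * Every length is checked before the single copy into out. */
enum auth_kind parse_authinfo(const char *line, size_t len, char *out, size_t outsz)
{
    enum auth_kind kind = AUTH_USER;
    size_t off, n;

    if (len < 2 || len > MAX_LINE || memcmp(line + len - 2, "\r\n", 2) != 0)
        return AUTH_BAD;                /* oversize or unterminated line */
    len -= 2;
    if ((off = match_kw(line, len, "AUTHINFO")) == 0)
        return AUTH_BAD;
    if ((n = match_kw(line + off, len - off, "USER")) == 0) {
        kind = AUTH_PASS;
        n = match_kw(line + off, len - off, "PASS");
    }
    off += n;
    if (n == 0 || len == off || len - off > MAX_ARG || len - off >= outsz)
        return AUTH_BAD;                /* reject; never truncate or overrun */
    memcpy(out, line + off, len - off);
    out[len - off] = '\0';
    return kind;
}

int main(void)
{
    char arg[MAX_ARG + 1];
    const char *ok = "AUTHINFO USER alice\r\n"; /* constructed sample */
    return parse_authinfo(ok, strlen(ok), arg, sizeof arg) != AUTH_USER;
}
```

Malformed or oversized input is rejected outright instead of being truncated, so the caller can log the event and drop the connection.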


Load the proper hotfix, located in the MS FTP directory. Fixes are available for English, French, German, and Japanese.

For those who cannot load the hotfix, these attacks can be detected using the Server Monitor feature of Exchange Server Administrator, which can automatically restart the services, should they fail due to this attack.

- Originally reported by ISS

Posted on The NT Shop on July 25, 1998
