Denial of Service in Exchange Server 5.x VERSIONS AFFECTED
DESCRIPTION When an intruder connects to an Exchange Server"s SMTP or NNTP port and sends certain sequences of incorrect data, an application error may occur, causing either service to stop responding. The problem is explained in Knowledge Base articles Q188341 and Q188369 as being related to buffer overflow conditions while parsing AUTHINFO commands. SOLUTION Load the proper hotfix, located in the MS FTP directory. Fixes are available for English, French, German, and Japanese. For those who cannot load the hotfix, these attacks can be detected using the Server Monitor feature of Exchange Server Administrator, which can automatically restart the services, should they fail due to this attack. To learn more about NT Security concerns, subscribe to NTSD Credits- Originally reported by ISS Posted on The NT Shop on July 25, 1998 |
Exchange Server Subject to Denial of Service
0 comments
Hide comments