GEN:SID | 1:658 |
Message | SMTP exchange mime DOS |
Summary | This event is generated when a denial of service is attempted on a Microsoft Exchange mail server.
|
Impact | Denial of service. This will cause the Exchange server to fail.
|
Detailed Information | A vulnerability exists in Microsoft Exchange 5.5 that causes a denial of service if a MIME header contains the string 'charset = ""'. The Exchange server does not properly handle this MIME header string, causing it to crash.
|
Affected Systems | Microsoft Exchange server 5.5
|
Attack Scenarios | An attacker can supply a malicious string in the MIME header causing the Exchange server to fail.
|
Ease of Attack | Easy. An attacker can telnet to port 25 of the Exchange server, start a dialogue with the server, and supply the malicious string in the MIME header.
|
Corrective Action | Apply the appropriate patch or upgrade to Exchange 5.5 service Pack 4.
|
Additional References | Microsoft: http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/ms00-082.asp
Miscellaneous: http://packetstormsecurity.nl/0011-exploits/exchange.dos.txt
|
Rule References | nessus: 10558
cve: 2000-1006
bugtraq: 1869
url: www.microsoft.com/technet/security/bulletin/MS00-082.mspx
|