Exchange Server SMTP and NNTP Denial-of-Service Vulnerabilities

Due to improper bounds checking in certain SMTP and NNTP authentication command sequences a buffer overflow exists in Microsoft® Exchange Server 5.5 and 5.0. Which if exploited by a malicious attacker could cause specific Exchange services to stop responding.

Issue

For SMTP protocol:
If a malicious attacker connects to a Microsoft Exchange Server running the Internet Mail Service (TCP/IP port 25) and issues certain sequences of incorrect data, an application error could occur causing the Internet Mail Service to stop responding. This will not directly affect other Exchange-related services.

If the Internet Mail Service fails due to this attack using the SMTP protocol, it can simply be restarted. It does not require a reboot of the operating system.

For NNTP protocol:
If a malicious attacker connects to a Microsoft Exchange Server running the NNTP Service (TCP/IP port 119) and issues certain sequences of incorrect data, an application error could occur causing the Server Information Store to stop responding. If the Exchange Information Store stops responding, it could also cause other Exchange services to fail as well. It would also cause user attempts to connect to their folders on the mail server to fail.

If Exchange Information Store fails due to an attack using the NNTP protocol, the affected services can simply be re-started. It does not require a reboot of the operating system. No existing mail or news articles on the server will be lost. Any active user sessions that were committed when the shutdown occurred will be preserved. However, incomplete transactions may be lost, depending on what client software is used. Users may have to re-type mail or articles that were under composition (if they did not have AutoSave enabled in their mail client, or had not manually saved a Draft copy).

Affected Products

• Exchange Server 5.0 & 5.5

Solution

Microsoft has released hotfixes for Microsoft Exchange Server version 5.0 that are available below:

ftp://ftp.microsoft.com/bussys/exchange/exchange-public/fixes/Eng/Exchg5.0/Post-SP2-STORE/
ftp://ftp.microsoft.com/bussys/exchange/exchange-public/fixes/Eng/Exchg5.0/Post-SP2-IMS/

Customers running Microsoft Exchange Server version 5.5 should install Service Pack 1, which includes these fixes:

ftp://ftp.microsoft.com/bussys/exchange/exchange-public/fixes/Eng/Exchg5.5/SP1

Further Details

Source: Microsoft Corporation

Reference: Microsoft Corporation

Updated: September 9, 1998

>> Recommended Download - secure your PC from spyware, adware and malware now with Spyware Doctor <<