- Quick specs
- Price: Update
- Operating system: Windows 2000/NT/2000 SP 2
- Date added: May 28, 2002
- Total Downloads: 360
- Downloads last week: Unavailable
- See full specifications
- Average user rating: Be the first to rate this product!
Publisher's description
From Microsoft :To support the exchange of mail with heterogeneous systems, Exchange messages use the attributes of SMTP mail messages that are specified by RFC's 821 and 822. There is a flaw in the way Exchange 2000 handles certain malformed RFC message attributes on received mail. Upon receiving a message containing such a malformation, the flaw causes the Store service to consume 100% of the available CPU in processing the message.
A security vulnerability results because it is possible for an attacker to seek to exploit this flaw and mount a denial of service attack. An attacker could attempt to levy an attack by connecting directly to the Exchange server and passing a raw, hand-crafted mail message with a specially malformed attribute. When the message was received and processed by the Store service, the CPU would spike to 100%. The effects of the attack would last as long as it took for the Exchange Store service to process the message. Neither restarting the service nor rebooting the server would remedy the denial of service.
More popular Encryption Software downloads
- 34,431 downloads 1. Hotspot Shield
- 11,215 downloads 2. RoboForm
- 8,899 downloads 3. Computer Use Reporter
- 6,431 downloads 4. Folder Lock
- 4,399 downloads 5. RAR Password Cracker
- See all Encryption Software downloads
User reviews
Write your own review Be the first one to review Microsoft Exchange 2000 Malformed Mail Attribute can Cause Exchange 2000 to Exhaust CPU Resources Q320436 and share your experience with the CNET community!
Submit your review
- See more CNET content tagged:
- Microsoft Exchange 2000 Server,
- Microsoft Exchange Server,
- RFC,
- denial of service,
- flaw
