Microsoft Exchange 2000 Malformed Mail Attribute can Cause Exchange 2000 to Exhaust CPU Resources for Windows
Key Details of Microsoft Exchange 2000 Malformed Mail Attribute can Cause Exchange 2000 to Exhaust CPU Resources
- Security Update
- Last updated on 1/16/2017
- There have been 7 updates
- Virus scan status:
Clean (it's extremely likely that this software program is clean)
Developer's Description
A security vulnerability results because it is possible for an attacker to seek to exploit this flaw and mount a denial of service attack. An attacker could attempt to levy an attack by connecting directly to the Exchange server and passing a raw, hand-crafted mail message with a specially malformed attribute. When the message was received and processed by the Store service, the CPU would spike to 100%. The effects of the attack would last as long as it took for the Exchange Store service to process the message. Neither restarting the service nor rebooting the server would remedy the denial of service.