VULHUB ™

A vulnerability in how Microsoft Exchange 2000 handles malformed RFC-defined mail attributes makes it possible for remote attackers to cause a denial of service condition. Attackers may exploit this issue by connecting to a vulnerable Microsoft Exchange 2000 server and sending a custom-crafted mail which contains malformed attributes. The system will consume a large amount of resources when the mail is processed, causing a denial of service. ** There has been a single report that the Microsoft patch for this issue may cause problems in certain configurations involving mailboxes in the same domain that do not reside on Exchange servers. This issue has not been confirmed by Microsoft. See the References section for details.

A vulnerability in how Microsoft Exchange 2000 handles malformed RFC-defined mail attributes makes it possible for remote attackers to cause a denial of service condition. Attackers may exploit this issue by connecting to a vulnerable Microsoft Exchange 2000 server and sending a custom-crafted mail which contains malformed attributes. The system will consume a large amount of resources when the mail is processed, causing a denial of service. ** There has been a single report that the Microsoft patch for this issue may cause problems in certain configurations involving mailboxes in the same domain that do not reside on Exchange servers. This issue has not been confirmed by Microsoft. See the References section for details.