VULHUB ™

A problem exists in Microsoft Exchange 2000 when running with Norton AntiVirus for Microsoft Exchange. A host running this combination of software can be tricked into disclosing mail directory paths to an attacker. Message attachments sent to an affected host will be scanned for malicious content by Norton AntiVirus for Microsoft Exchange. Upon rejection, the message will be bounced back to the sender with notification of why the message was rejected. When this happens, the path to the intended recipient's INBOX is sent in the message header of the rejection notification. The expected behavior is that the header in the returned message will only contain the destination address of the user and not the path of the user's INBOX. This can be exploited by an attacker who intentionally crafts a message to a user on the host which contains an attachment which will be rejected by the host.

A problem exists in Microsoft Exchange 2000 when running with Norton AntiVirus for Microsoft Exchange. A host running this combination of software can be tricked into disclosing mail directory paths to an attacker. Message attachments sent to an affected host will be scanned for malicious content by Norton AntiVirus for Microsoft Exchange. Upon rejection, the message will be bounced back to the sender with notification of why the message was rejected. When this happens, the path to the intended recipient's INBOX is sent in the message header of the rejection notification. The expected behavior is that the header in the returned message will only contain the destination address of the user and not the path of the user's INBOX. This can be exploited by an attacker who intentionally crafts a message to a user on the host which contains an attachment which will be rejected by the host.