The information in this article applies to:
SYMPTOMSA malicious attacker might connect to the SMTP port of an Microsoft Exchange Server 5.0 or 5.5 computer and disrupt the Internet Mail Service by issuing specific sequences of AUTH or XAUTH commands. When this occurs, the following error message may be displayed:
CAUSEImproper checking of bounds conditions on certain AUTH or XAUTH command sequences may result in a buffer overflow. STATUSMicrosoft has confirmed this to be a problem in Microsoft Exchange Server
version 5.0. ftp://ftp.microsoft.com/bussys/exchange/exchange-public/fixes/Eng/Exchg5.0/Post-SP2-IMS/Microsoft has confirmed this to be a problem in Microsoft Exchange Server version 5.5. This problem has been corrected in the latest U.S. service pack for Microsoft Exchange Server version 5.5. For information on obtaining the service pack, query on the following word in the Microsoft Knowledge Base (without the spaces):
Additional query words: base64 extended hello helo ims connector imc
Keywords : exc5 exc55 |
Last Reviewed: August 3, 1999 © 2000 Microsoft Corporation. All rights reserved. Terms of Use. |