Microsoft Windows 2000, Windows XP, and Exchange 2000 SMTP data transfer command denial of service
|ms-smtp-data-transfer-dos (8307)||Medium Risk|
The Simple Mail Transfer Protocol (SMTP) service in Microsoft Windows and Exchange is vulnerable to a denial of service attack, caused by an error in the handling of certain requests. If a remote attacker sends a malformed BDAT data transfer command to an affected server, the attacker can cause the SMTP service to fail. The SMTP service must be restarted to regain normal functionality.
Denial of Service
Apply the appropriate patch for your system, as listed in Microsoft Security Bulletin MS02-012. See References.
- Microsoft Knowledge Base Article 313450: MS02-012: A Malformed Data Transfer Request May Cause the Windows SMTP Service to Stop Working.
- Microsoft Security Bulletin MS02-012: Malformed Data Transfer Request can Cause Windows SMTP Service to Fail.
- SecuriTeam Mailing List, Security Holes & Exploits 8 Mar 2002: Windows SMTP Service Denial of Service (BDAT).
- BID-4204: Microsoft SMTP Service Malformed Command Denial of Service Vulnerability
- CVE-2002-0055: SMTP service in Microsoft Windows 2000, Windows XP Professional, and Exchange 2000 allows remote attackers to cause a denial of service via a command with a malformed data transfer (BDAT) request.
- OSVDB ID: 732: Microsoft Windows SMTP Service Malformed BDAT Request Remote DoS
- Microsoft Exchange Server 2000
- Microsoft Windows 2000
- Microsoft Windows XP
Feb 27, 2002
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
For corrections or additions please email ignore thisxforceignore this@ignore thisus.ignore thisibm.comignore this