Microsoft Exchange message attribute denial of service
| exchange-msg-attribute-dos (9195) |  Low Risk |
Description:
Microsoft Exchange 2000 is vulnerable to a denial of service attack, caused by an email containing a malformed message attribute. A remote attacker could send a message with a malformed message attribute directly to the Exchange server to cause the server's CPU usage to increase to 100% while trying to process the message. An attacker could then send a series of these messages to cause a denial of service against a vulnerable Exchange 2000 server.
Platforms Affected:
- Microsoft, Exchange Server 2000
Remedy:
Apply the patch for this vulnerability, as listed in Microsoft Security Bulletin MS02-025. See References.
Consequences:
Denial of Service
References:
- Microsoft Security Bulletin MS02-025, Malformed Mail Attribute can Cause Exchange 2000 to Exhaust CPU Resources (Q320436) at http://www.microsoft.com/technet/security/bulletin/ms02-025.mspx.
- BID-4881: Microsoft Exchange 2000 Malformed Mail Attribute DoS Vulnerability
- CVE-2002-0368: The Store Service in Microsoft Exchange 2000 allows remote attackers to cause a denial of service (CPU consumption) via a mail message with a malformed RFC message attribute, aka Malformed Mail Attribute can Cause Exchange 2000 to Exhaust CPU Resources.
- US-CERT VU#779163: Microsoft Exchange 2000 exhausts server resources while attempting to process malformed mail attributes
Reported:
May 29, 2002
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
For corrections or additions please email xforce@iss.net