Reported July 24, 2002, by Microsoft.

VERSION AFFECTED

  • Microsoft Exchange Server 5.5

DESCRIPTION

A buffer overrun vulnerability exists in Microsoft Exchange Server 5.5 that can let an attacker remotely compromise the server. This vulnerability is the result of an unchecked buffer in the Internet Mail Connector (IMC) code that generates the response to the Extended Hello protocol command. If an attacker sends random data in a message in which the total length of the message exceeds a specific value, the data can overrun the buffer and cause the IMC to fail. If an attacker overruns the buffer with specific data, the attacker can run code under the security context of the IMC, which by default runs as an Exchange 5.5 Service Account.
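An added illustration, not code from Microsoft or from this advisory: a bounds-checked way to format an EHLO reply into a fixed buffer, which is the kind of length check the description above reports as missing. The function name, reply format, buffer size and 501 fallback text are assumptions made for the example.

```c
#include <stdio.h>
#include <string.h>

/* Assumed buffer size: RFC 5321 caps a reply line at 512 octets. */
#define EHLO_REPLY_MAX 512

/*
 * Unchecked pattern, for contrast (hypothetical, not the IMC source):
 *     sprintf(reply, "250 %s Hello [%s]\r\n", server, peer);
 * Nothing ties the length of 'peer' to the size of 'reply'.
 */

/*
 * Hypothetical helper. Formats the reply into out[outlen].
 * Returns the reply length, or -1 if the inputs are invalid or the
 * reply would not fit; on overflow 'out' holds a fixed 501 reply
 * instead of a truncated line.
 */
int build_ehlo_reply(char *out, size_t outlen,
                     const char *server, const char *peer)
{
    int n;

    if (out == NULL || outlen == 0 || server == NULL || peer == NULL)
        return -1;

    /* snprintf never writes past outlen and reports the length it needed. */
    n = snprintf(out, outlen, "250 %s Hello [%s]\r\n", server, peer);
    if (n < 0 || (size_t)n >= outlen) {
        snprintf(out, outlen, "501 Argument too long\r\n");
        return -1;
    }
    return n;
}

int main(void)
{
    char reply[EHLO_REPLY_MAX];
    char oversized[1001];               /* constructed test input */

    memset(oversized, 'A', sizeof oversized - 1);
    oversized[sizeof oversized - 1] = '\0';

    build_ehlo_reply(reply, sizeof reply, "mail.example.com", "client.example.net");
    fputs(reply, stdout);
    build_ehlo_reply(reply, sizeof reply, "mail.example.com", oversized);
    fputs(reply, stdout);
    return 0;
}
```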

 

VENDOR RESPONSE

The vendor, Microsoft, has released Security Bulletin MS02-037 ("Server Response To SMTP Client EHLO Command Results In Buffer Overrun") to address this vulnerability and recommends that affected users download and apply the appropriate patch mentioned in the bulletin.

CREDIT

Discovered by Dan Ingevaldson of Internet Security Systems.