To support the exchange of mail with heterogeneous systems, Exchange messages use the attributes of SMTP mail messages that are specified by RFC's 821 and 822. There is a flaw in the way Exchange 2000 handles certain malformed RFC message attributes on received mail. Upon receiving a message containing such a malformation, the flaw causes the Store service to consume 100% of the available CPU in processing the message.
A security vulnerability results because it is possible for an attacker to seek to exploit this flaw and mount a denial of service attack. An attacker could attempt to levy an attack by connecting directly to the Exchange server and passing a raw, hand-crafted mail message with a specially malformed attribute. When the message was received and processed by the Store service, the CPU would spike to 100%. The effects of the attack would last as long as it took for the Exchange Store service to process the message. Neither restarting the service nor rebooting the server would remedy the denial of service.
Microsoft Exchange 2000 SP2
Like it? Share with your friends!
Other Windows Software of Developer «Microsoft»:
Security Update for Excel Viewer 2003 (KB925525) A security vulnerability exists in Microsoft Office Excel Viewer 2003 that could allow remote code execution. This update resolves that vulnerability. This version is the first release on CNET Download.com.What is new in this release:This version is the fi
Live Meeting 2003 Add-In for IBM Lotus Notes With this Microsoft Office Live Meeting Add-In, you can use IBM Lotus Notes to perform Live Meeting Web conferencing tasks, such as scheduling meetings without logging into the Conference Center. This version is the first release on CNET Download.com.What
Microsoft Office Project 2007 Certification Datasheet Use this two-page, print-ready brochure to learn how Microsoft Office Project 2007 certifications can help you grow your project management skills and your career. Project certifications complement industry-standard methodologies and were developed to help
Microsoft Dynamics NAV 2009 Developer Tools Microsoft Dynamics NAV 2009 Developer Tools assist in developing, upgrading, and managing Microsoft Dynamics NAV 2009. The tools are aimed at supporting Microsoft Dynamics NAV 2009 NAV Server, RoleTailored client and C/SIDE development environment.Requirem
SQLDMO SQLDMO is a technical article illuminates the functionality present in the SQL-DMO server architecture. This version is the first release on CNET Download.com.What is new in this release:This version is the first release on CNET Download.com.Requirements:W
Hands-on Labs for Windows Workflow Foundation in C# and VB.NET Windows Workflow Foundation is the programming model, engine and tools for quickly building workflow enabled applications on Windows. This download is a set of 10 Hands-on Labs for Windows Workflow Foundation in C# and VB.NET versions. These labs are suita
Windows XP Video Decoder Checkup Utility Windows XP Video Decoder Checkup Utility helps you determine if an MPEG-2 video decoder (also called a DVD decoder) is installed on your Windows XP computer and whether or not the decoder is compatible with Windows Media Player 10 and Windows XP Media Cent
PHP Code Protector Php code Protector offers to protect your Website the passwords that it contains and the html and the php content with advanced encryption and hyperfast decoding thus ensuring complete safety to your Website. Demo full featured only for one predefined pro.
Password Recovery for MySpaceIM Password Recovery for MySpaceIM finds and shows MySpace passwords saved by MySpaceIM (instant messenger created by MySpace) on your local system. Your MySpace password will be decrypted if you can successfully login with MySpaceIM without entering your pas
123 Video Encryption Magic 123 Video Encryption Magic is a convenient way to securely lock down video files on your PC. Simply choose the video files to encrypt, and they only become available only in Media Vault, protected by a master password you enter once at the start of each s
BitCrypter BitCrypter is a high-performance executable packer and protector for Windows 32-bit (Win32) executable files.
BitCrypter can encrypt and compress any 32-bit executable without affecting its direct functionality. For instance, if you're a software develo
Password Pop-up From the developer: "Password Popup provides a secure and unbelievably easy way to keep track of User ID and Password information. These days there are passwords for everything, and you might be surprised when you start counting how many you actually keep
DEA Encryption A Windows based file encryption utility.
Uses a 16-character key which is much stronger protection than password-based systems.
Uses 128-bit encryption with byte-order scrambling for maximum protection.
Can be used to encrypt data files or any typ
FolderWatch FolderWatch is a program that monitors changes to a number of folders on your computer and makes copies of files found in monitored folders. FolderWatch works in background and makes copies of your work as soon as changes are made to files. In fact, once y
Bildsoft SecureDNA 2007 Bildsoft SecureDNA 2007 is the new fast and easy encryption suite developed by Bildsoft, which provides high-level encryption for every PC user. The software features are: 256-bit AES encryption of any kind of files and folders; E-mail encryption; USB Stor
Handy Encryption (Portable) Handy Encryption (Portable) is a program to secure your confidential files such as document encryption, e-mail message, secret data encryption, or anything that important to you, your family or businesses. Encryption couldn't be that easy and lightweight w
Supported Operating Systems:
Windows 2000 |
Comments on Microsoft Exchange 2000 Malformed Mail Attribute can Cause Exchange 2000 to Exhaust CPU Resources:
Comments not found
Windows Software - Free Windows Downloads, Apps, Games, Freeware, Skype, Media Player, Antivirus, Gimp, Live, Starter for Windows XP, Vista, 7, 8, 10