To support the exchange of mail with heterogeneous systems, Exchange messages use the attributes of SMTP mail messages that are specified by RFC's 821 and 822. There is a flaw in the way Exchange 2000 handles certain malformed RFC message attributes on received mail. Upon receiving a message containing such a malformation, the flaw causes the Store service to consume 100% of the available CPU in processing the message.
A security vulnerability results because it is possible for an attacker to seek to exploit this flaw and mount a denial of service attack. An attacker could attempt to levy an attack by connecting directly to the Exchange server and passing a raw, hand-crafted mail message with a specially malformed attribute. When the message was received and processed by the Store service, the CPU would spike to 100%. The effects of the attack would last as long as it took for the Exchange Store service to process the message. Neither restarting the service nor rebooting the server would remedy the denial of service.
Microsoft Exchange 2000 SP2
Like it? Share with your friends!
Other Windows Software of Developer «Microsoft»:
Help Desk Knowledge Base - Click-Through Demo This is a portable, interactive demo that closely simulates the UI and functionality of an actual solution. Installs to your Start menu and includes a presenter script. Scenario Summary: IT help desk knowledge base solutions based on the Microsoft Office S
ClearType Tuner ClearType Tuner fine tunes the ClearType technology via the Control Panel, making it easier to read text on your screen. A necessity for LCD screens (portables and flat screens) -- Or try it On-Line. As a bonus you get Consolas ClearType Font Pack.Requirem
Gigabyte GA-MA770-US3 (rev. 1.0) Microsoft UAA Driver Specifications:CPU: - Support for Socket AM3 / AM2+ / AM2 processors: AMD Phenom FX processor/ AMD Phenom X4 processor/ AMD Phenom X3 processor/ AMD Athlon X2 processor/ AMD Athlon processor/ AMD Sempron X2 processor/ AMD Sempron processor Hyper Transport
Visual Studio 2005 Team Foundation Server MSSCCI Provider The Visual Studio Team Foundation Server MSSCCI Provider enables integrated use of Team Foundation Version Control with products that do not support Team Explorer integration. This version is the first release on CNET Download.com.What is new in this relea
Company Portal for Windows 8 The Company Portal app helps you search, browse and install apps made available to you by your company, through the Microsoft Windows Intune online service. Apps can be installed without requiring a connection to your corporate network. You can also enroll
Cryptographic Service Provider Developer's Toolkit (CSPDK) The Cryptographic Service Provider Developer's Kit is eligible for export from the U.S. to all customers worldwide, except to U.S. embargoed destinations. Other countries may exercise separate jurisdiction over the import, export, or use of encryption prod
CTLREG Before you can use an OLE Control, you must register it with the system. Registering an OLE Control places information about the control in the system registry. Once the control has been registered, applications and development environments can search the
Update for Outlook 2003 Junk E-mail Filter (KB923095) This update provides the Junk E-mail Filter in Microsoft Office Outlook 2003 with a more current definition of which e-mail messages should be considered junk e-mail. This update was released in October 2006. This version is the first release on CNET Downl
Flight Simulator 95 ILS Patch This self-extracting, self-installing file (FEPATCH.EXE, 155K) patches one file in Flight Simulator for Windows 95. This patch solves the problem of missing ILS transmitters and incorrect ATIS messages in 3rd party scenery which overlays default scenery. T
Microsoft Surface Integration Driver for Windows 10 64-bit The package provides the installation files for Microsoft Surface Integration Driver version 2.0.304.0.In order to manually update your driver, follow the steps below (the next steps):1. Go to Device Manager (right click on My Computer, choose Manage and t
Cipher Image Hide your valuable information from unauthorized access. Use this easy software for encoding images and hiding valuable textual info into the image (steganographie). Several encrypted images together with hidden text could be saved into one file. Easy to u
Media Fortress Media Fortress is a media viewer/explorer that provides 256 AES Encryption. Resize your media, view slide shows, control volume, rewind and fast forward. Modeled after windows file explorer, the program is user friendly and features instant hot key invisib
User Logger From the developer: Logs computer usage information about who used the computer it is installed on, and when. Optionally include all sorts of other useful information, such as what programs were being used and computer ID info. Optional Screen Captures at
Accent ZIP Password Recovery Extremely fast Zip/ZipX GPU password recovery (.zip and .zipx files). Supports various types of encryption: ZIP/Classic and WinZip AES. Striking code optimization for Intel and AMD processors. Uses GPU computing - works applying AMD and NVIDIA video cards.
Locker Pro Main program functions: limitation of access to any folders including those of the system. Blocking discs and disc sections. Hiding discs and disc sections (including CD/DVD-ROM drives). File protection by encryption. Powerful search engine. Files are encr
Secure File Access SFA - is a high-tech combination of extremely secure data protection solution and real easy to use and manage system.
Smart technology of SFA requires no installation, no drivers, no passwords, and uses allowed USB flash drives as access keys, thus, our
Security Square This program blocks unauthorized users without the correct password from accessing your system. It allows you to create your own password for logging in. You can change your password anytime and you can see last log in date and time. It runs right before y
Windows XP RDP Protocol Security Vulnerability Patch This patch eliminates two vulnerabilities affecting the implementation of the RDP protocol: The first vulnerability involves the way in which session encryption is implemented in certain versions of RDP. All RDP implementations permit the data in an RDP s
Microsoft Excel 2000 Cumulative Update Patch This Excel 2000 Update provides you with the latest security and performance improvements available for Microsoft Excel 2000. This update prevents Excel from potentially running macros without warning. This update is part of Microsoft's continued effort to
Quicky Password Generator The Quicky Password Generator is designed to be fast, efficient, and small. It generates up to 5000 passwords of 4 to 20 characters in length at a time. The passwords are displayed and can be copied to your clipboard. There are options for alphanumeric, up
Supported Operating Systems:
Windows 2000 |
Comments on Microsoft Exchange 2000 Malformed Mail Attribute can Cause Exchange 2000 to Exhaust CPU Resources:
Comments not found
Windows Software - Free Windows Downloads, Apps, Games, Freeware, Skype, Media Player, Antivirus, Gimp, Live, Starter for Windows XP, Vista, 7, 8, 10