To support the exchange of mail with heterogeneous systems, Exchange messages use the attributes of SMTP mail messages that are specified by RFC's 821 and 822. There is a flaw in the way Exchange 2000 handles certain malformed RFC message attributes on received mail. Upon receiving a message containing such a malformation, the flaw causes the Store service to consume 100% of the available CPU in processing the message.
A security vulnerability results because it is possible for an attacker to seek to exploit this flaw and mount a denial of service attack. An attacker could attempt to levy an attack by connecting directly to the Exchange server and passing a raw, hand-crafted mail message with a specially malformed attribute. When the message was received and processed by the Store service, the CPU would spike to 100%. The effects of the attack would last as long as it took for the Exchange Store service to process the message. Neither restarting the service nor rebooting the server would remedy the denial of service.
Microsoft Exchange 2000 SP2
Like it? Share with your friends!
Other Windows Software of Developer «Microsoft»:
The Harvest for Windows 8 The Harvest for Windows 8 is a science-fiction-themed action RPG set, in this the hostile aliens are out to turn Earth's organic life into cyborgs. These aliens, known as The Harvesters, use humans and animals to create cyborgs: crude amalgamations of fles
System Update Readiness Tool for Windows 7 (32-bit) System Update Readiness Tool for Windows 7 (32-bit) is being offered because an inconsistency was found in the Windows servicing store which may prevent the successful installation of future updates, service packs, and software. This tool checks your compu
Flight Simulator 2004: A Century of Flight aircraft editor This is the official aircraft editing program for Flight Simulator 2004: A Century of Flight. With this program you can add or delete aircraft, or modify the look or performance of any of the existing aircraft.Requirements:Windows 98/Me/2000/XP
Microsoft SQL Server 2005 Express Edition Service Pack 3 Microsoft SQL Server 2005 Express Edition (SQL Server Express) is a free, easy-to-use, lightweight version of SQL Server 2005. It is fast and easy to learn, allowing you to quickly develop and deploy dynamic data-driven applications. SQL Server Express pro
Microsoft Excel 2000 Cumulative Update Patch This Excel 2000 Update provides you with the latest security and performance improvements available for Microsoft Excel 2000. This update prevents Excel from potentially running macros without warning. This update is part of Microsoft's continued effort to
Update for InfoPath 2003 (KB920103) Microsoft has released an update for Microsoft Office InfoPath 2003. This update provides the latest fixes to InfoPath 2003. Additionally, this update contains stability and performance improvements. This version is the first release on CNET Download.com.W
Office 2003 Editions: PowerPoint VBA Language Reference Office 2003 Editions: PowerPoint VBA Language Reference contains the Microsoft Office PowerPoint Visual Basic for Applications (VBA) Language Reference as a compiled Help file. This contains documentation (such as programming references and technical artic
Visio 2007 Software Development Kit The Microsoft Office Visio 2007 Software Development Kit (SDK) contains the latest documentation, samples, header files, libraries, and tools that you need to develop custom solutions for Microsoft Office Visio 2007. This version is the first release on CN
Windows 2000 Predictable Name Pipes Vulnerability Patch Predicatable Name Pipes Could Enable Privilege Elevation via Telnet" security vulnerability in the Windows 2000 Telnet service. Download now to prevent a malicious user from launching programs on your computer, gaining access to your network, or initiating
Super Spy Super Spy is software, which is used to monitor computer usage secretly. It can automatically record password entered, Web site visited, e-mail messages written, online chats, Keystrokes produced, Word / Excel created etc., and time stamp all these activit
Save Keys Undetectable Save Keys Undetectable is an invisible key recorder that secretly logs every key typed into the keyboard. Other information such as window titles, program names and paths, and clipboard text also can be recorded. The program has improved encryption for fas
FastSum Standard Edition FastSum Standard Edition let you take control of your data.Fingerprint your important files now and check the integrity after a network transfer or a CD burning simply by taking the fingerprints again and comparing them with the previously made ones. In th
AS-MD5 AS-MD5 calculates the MD5 value of files for validation. MD5 (Message-Digest 5) is a 128-bit so called hash algorithm that can be used to compare information. The program can integrate with Windows so you can check a file by right-clicking on it and select
Atomic RAR Password Recovery Atomic RAR Password Recovery is a software designed to restore the password for the archives created by WinRAR. Due to the structure of the RAR-file, encryption in RAR is quite strong, so the password cannot be found instantly as it takes a lot of resource
Kryptelite Kryptelite (Formerly Kryptel Lite) is a free version of Kryptel. While it lacks some advanced Kryptel features, it is a fast and easy-to-use program, which will perfectly suit your needs if your security demands are not very high.
CodeInventors NCrypt CodeInventors NCrypt is an application to encrypt (and decrypt) files of any type. Protect your documents, pictures, and videos from prying eyes using AES 256 encryption. Features include provide a key up to 32 characters in length, decide what to do with
File Own Guard File Own Guard is designed for strong file encryption with multichoice, on-the-fly compression with a range of crypto-algorithms (AES, MARS, RC6, Serpent, Twofish) and secure file removal (shredding) using one of eight special algorithms (including DoD mil
Uconomix Encryption Engine Uconomix Encryption Engine is an easy to use file encryption software. It allows you to protect the privacy of your sensitive files and folders by encrypting them with strong encryption algorithm and a password. Uconomix Encryption Engine can batch encrypt
Supported Operating Systems:
Windows 2000 |
Comments on Microsoft Exchange 2000 Malformed Mail Attribute can Cause Exchange 2000 to Exhaust CPU Resources:
Comments not found
Windows Software - Free Windows Downloads, Apps, Games, Freeware, Skype, Media Player, Antivirus, Gimp, Live, Starter for Windows XP, Vista, 7, 8, 10