Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:700
HistorySep 21, 2000 - 12:00 a.m.

RE: Re[3]: Possible Exchange 5.5 Server DoS [msrc 421]

2000-09-2100:00:00
vulners.com
697
JSON

Hello 3APA3A,

Thanks again for your note. Due to the timeframe of Exchange SP4 we will
including a fix for this issue in that Service Pack.

If you want any future status on this issue please refer to MSRC 421.

Regards,
[email protected]

-----Original Message-----
From: 3APA3A [mailto:[email protected]]
Sent: Thursday, September 14, 2000 9:22 AM
To: Microsoft Security Response Center
Subject: Re[3]: Possible Exchange 5.5 Server DoS [msrch-au]

Hello Microsoft,

I didn't tested it yet, but according to Bugtraq post the problem here
is that Exchange server can be crashed by malicious mail. Mail should
be very easy, for example:

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

From: 3APA3A <[email protected]>
To: Microsoft Security Response Center <[email protected]>
Subject: Test
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary = ""

This is a multi-part message in MIME format.

Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: 7bit

This test message should crash Exchange


Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: 7bit

This test message should crash Exchange

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

Exchange crashes then parsing message because of
boundary = ""

If you can point me any of your Exchange 5.5 servers with SMTP enabled
I can try to crash it remotely.

Thursday, September 14, 2000, 6:25:36 PM, you wrote:

MSRC> Hello 3APA3A,

MSRC> Thanks for your note. Not sure what action we need to take here, but
we
MSRC> appreciate the information you included. There was a KB article that
we also
MSRC> forwarded to Christer.

MSRC>
http://support.microsoft.com/support/kb/articles/Q183/5/98.ASP?LN=EN-US&amp;SD=g
MSRC> n&FR=1

MSRC> We also told him to work with PSS if he needs to isolate the problem
MSRC> further.

MSRC> Regards,
MSRC> [email protected]

MSRC> -----Original Message-----
MSRC> From: 3APA3A [mailto:[email protected]]
MSRC> Sent: Thursday, September 14, 2000 5:55 AM
MSRC> To: Microsoft Security Response Center
MSRC> Subject: Fwd: Re: Possible Exchange 5.5 Server DoS

MSRC> This is a forwarded message
MSRC> From: 3APA3A <[email protected]>
MSRC> To: Christer Enberg <[email protected]>
MSRC> Date: Thursday, September 14, 2000, 4:48:50 PM
MSRC> Subject: Possible Exchange 5.5 Server DoS

MSRC> ===8<==============Original message text===============
MSRC> Hello Christer Enberg,

MSRC> 12.09.2000 10:30, you wrote: Possible Exchange 5.5 Server DoS;
C>> queues and then restart exchange.

C>> It seems that the attachment line is the problem, by removing the
MSRC> attachment
C>> and sending the mail nothing happens.

MSRC> The problem is probably in Content-Type: field

MSRC> Content-Type: multipart/mixed;
MSRC> boundary = ""

MSRC> As you can see boundary (delimeter between MIME parts) is declared
MSRC> empty.

MSRC> It seems Exchange crashes then it tries to locate end of the part
MSRC> (every part must begin with "–" + boundary and end with boundary.

MSRC> /3APA3A


/3APA3A
Если даже вы получите какое-нибудь письмо, вы все равно не сумеете его
прочитать. (Твен)

JSON