Описание
The Internet Mail Service in Exchange Server 5.5 and Exchange 2000 allows remote attackers to cause a denial of service (memory exhaustion) by directly connecting to the SMTP service and sending a certain extended verb request, possibly triggering a buffer overflow in Exchange 2000.
Ссылки
- Mailing ListThird Party Advisory
- Third Party AdvisoryUS Government Resource
- PatchThird Party AdvisoryUS Government Resource
- ExploitPatchThird Party AdvisoryVDB Entry
- PatchVendor Advisory
- Mailing ListThird Party Advisory
- Third Party AdvisoryUS Government Resource
- PatchThird Party AdvisoryUS Government Resource
- ExploitPatchThird Party AdvisoryVDB Entry
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:microsoft:exchange_server:5.5:-:*:*:*:*:*:*
cpe:2.3:a:microsoft:exchange_server:5.5:sp1:*:*:*:*:*:*
cpe:2.3:a:microsoft:exchange_server:5.5:sp2:*:*:*:*:*:*
cpe:2.3:a:microsoft:exchange_server:5.5:sp3:*:*:*:*:*:*
cpe:2.3:a:microsoft:exchange_server:5.5:sp4:*:*:*:*:*:*
cpe:2.3:a:microsoft:exchange_server:2000:-:*:*:*:*:*:*
cpe:2.3:a:microsoft:exchange_server:2000:sp1:*:*:*:*:*:*
cpe:2.3:a:microsoft:exchange_server:2000:sp2:*:*:*:*:*:*
cpe:2.3:a:microsoft:exchange_server:2000:sp3:*:*:*:*:*:*
EPSS
Процентиль: 99%
0.66997
Средний
7.5 High
CVSS2
Дефекты
CWE-400
Связанные уязвимости
github
почти 4 года назад
The Internet Mail Service in Exchange Server 5.5 and Exchange 2000 allows remote attackers to cause a denial of service (memory exhaustion) by directly connecting to the SMTP service and sending a certain extended verb request, possibly triggering a buffer overflow in Exchange 2000.
EPSS
Процентиль: 99%
0.66997
Средний
7.5 High
CVSS2
Дефекты
CWE-400