Overview
Microsoft Exchange 2000 contains a vulnerability that allows remote attackers to conduct a denial-of-service attack that once begun, cannot be stopped until the crafted message has been completely processed.
Description
Microsoft Exchange 2000 contains a vulnerability in its handling of RFC2822 message headers. If an attacker connects directly to the Exchange server and submits a crafted message containing certain invalid headers, Exchange will consume all available CPU resources to process the message. Due to the way that messages are queued on the Exchange server, restarting the Exchange service or rebooting the server will not remove the message from the queue; it must be completely processed before the server can process any other requests. |
Impact
Attackers can conduct a denial-of-service attack that once begun, cannot be stopped until the crafted message has been completely processed. |
Solution
Apply a patch from your vendor Microsoft has released Microsoft Security Bulletin MS02-025 to address this issue. For more information, please see |
Vendor Information
CVSS Metrics
| Group | Score | Vector |
|---|---|---|
| Base | ||
| Temporal | ||
| Environmental |
References
Acknowledgements
This vulnerability was discovered by researchers at the Johannes Gutenberg University in Mainz, Germany.
This document was written by Jeffrey P. Lanza based on information provided by Microsoft.
Other Information
| CVE IDs: | CVE-2002-0368 |
| Severity Metric: | 6.30 |
| Date Public: | 2002-05-29 |
| Date First Published: | 2002-06-05 |
| Date Last Updated: | 2002-12-06 20:38 UTC |
| Document Revision: | 32 |