Microsoft Exchange Server AUTH / XAUTH / AUTHINFO DoS Vulnerabilities
Due to overflowable buffers in Exchange Server, it is possible for an attacker to remotely cause the Internet Mail Service or Information Store to stop responding.

Internet Mail Service handles SMTP (email) functionality for Exchange Server. If an attacker connects to port 25 and issues a long AUTH or XAUTH command, the service will stop responding. Other Exchange services should continue to function normally, and IMS can be restarted without rebooting the OS to restore full functionality.

The Information Store handles NNTP (newsgroups) functionality for Exchange Server. If an attacker connects to port 119 and issues a long AUTHINFO command, the service will stop responding. Other Exchange services may fail after the Information Store crashes, and all functionality can be restored by restarting the Information Store service without having to reboot the OS.
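
A detection check for the condition described above, as an added example that is not part of the original advisory: it scans client-to-server bytes for AUTH or XAUTH on port 25 and AUTHINFO on port 119 whose command line is overlong. The 512-octet threshold (the base command-line limit in RFC 5321 and RFC 977), the function name `scan_client_stream` and the sample sessions are assumptions; the advisory states no length.

```python
# Added example: flag overlong AUTH / XAUTH / AUTHINFO command lines in
# reassembled client-to-server traffic (e.g. from a proxy or packet capture).
# Assumption: 512 octets, the command-line maximum (including CRLF) in
# RFC 5321 (SMTP) and RFC 977 (NNTP). The advisory itself gives no length.
MAX_LINE = 512

# Verbs named by the advisory, keyed by the port it names for each service.
WATCHED = {25: (b"AUTH", b"XAUTH"), 119: (b"AUTHINFO",)}


def scan_client_stream(port, data, max_line=MAX_LINE):
    """Return [(verb, line_length, terminated), ...] for every watched
    command in `data` (raw client bytes) whose line exceeds `max_line`."""
    verbs = WATCHED.get(port, ())
    findings = []
    pos = 0
    while pos < len(data):
        end = data.find(b"\n", pos)
        terminated = end != -1
        # An unterminated tail still counts: the server is buffering it
        # while it waits for the end of the line.
        line = data[pos:end + 1] if terminated else data[pos:]
        pos = end + 1 if terminated else len(data)
        parts = line.split(None, 1)
        if not parts:
            continue  # blank line
        verb = parts[0].upper()  # command verbs are case-insensitive
        if verb in verbs and len(line) > max_line:
            findings.append((verb.decode("ascii"), len(line), terminated))
    return findings


# Constructed sample sessions (not captured traffic).
SMTP_SAMPLE = b"EHLO client.example\r\nauth " + b"A" * 600 + b"\r\nQUIT\r\n"
NNTP_SAMPLE = b"MODE READER\r\nAUTHINFO USER " + b"B" * 700  # no CRLF yet

if __name__ == "__main__":
    for port, sample in ((25, SMTP_SAMPLE), (119, NNTP_SAMPLE)):
        for verb, length, terminated in scan_client_stream(port, sample):
            print(f"port {port}: {verb} line of {length} octets "
                  f"(terminated={terminated})")
```
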