Make Homepage | Add To Favorites | Print Page | Submit News | Feedback | Contact | 

Your Technical Computer Information Resource!  
     
 
Keep TACKtech.com free by purchasing something from our sponsors.
Make a financial contribution
  Technical Updates @ TACKtech Corp.  

10.15.2003 - MS03-046: Vulnerability in Exchange Server Could Allow Arbitrary Code Execution (829436)



View Microsoft-Exchange related news. In Exchange Server 5.5, a security vulnerability exists in the Internet Mail Service that could allow an unauthenticated attacker to connect to the SMTP port on an Exchange server and issue a specially-crafted extended verb request that could allocate a large amount of memory. This could shut down the Internet Mail Service or could cause the server to stop responding because of a low memory condition.

In Exchange 2000 Server, a security vulnerability exists that could allow an unauthenticated attacker to connect to the SMTP port on an Exchange server and issue a specially-crafted extended verb request. That request could cause a denial of service that is similar to the one that could occur on Exchange 5.5. Additionally, if an attacker issues the request with carefully chosen data, the attacker could cause a buffer overrun that could allow the attacker to run malicious programs of their choice in the security context of the SMTP service.

- Download Exchange Server 5.5 SP4 Patch
- Download Exchange Server 2000 SP3 PAtch
- View Microsoft Knowledge Base Article - 829436
- View Microsoft Security Bulletin
- View Microsoft End User Security Bulletin
- Visit Microsoft Corporation

NID: 1486 / Submitted by: Travis
Categories: Email Applications, Internet Applications, Microsoft, Patches and Updates, Server Applications
Most recent Microsoft-Exchange related news.
MS09-003 - Critical: Vulnerabilities in Microsoft Exchange Could Allow Remote Code Execution (959239)
MS08-039 - Important: Vulnerabilities in Outlook Web Access for Exchange Server Could Allow Elevation of Privilege (953747)
Microsoft Exchange Hosted Services Directory Synchronization Tool 8.1
Update Rollup 4 for Exchange Server 2007 (KB940006)
MS07-026: Vulnerabilities in Microsoft Exchange Could Allow Remote Code Execution (931832)
View archive of Microsoft-Exchange related news.

Visit the TACKtech Shop
  Popular Tech News  
  Most Viewed News  
  Top Affiliates  
........