Microsoft Exchange 2000 Heap Overflow
Gravité: : Élevé
Identifiant(s) CVE: : CVE-2003-0714
Date du conseil: 21 juillet 2015
Description
The Internet Mail Service in Exchange Server 5.5 and Exchange 2000 allows remote attackers to cause a denial of service (memory exhaustion) by directly connecting to the SMTP service and sending a certain extended verb request, possibly triggering a buffer overflow in Exchange 2000.
Information Exposure Rating:
Apply associated Trend Micro DPI Rules.
Solutions
Trend Micro Deep Security DPI Rule Number: 1000157
Trend Micro Deep Security DPI Rule Name: 1000157 - Microsoft Exchange Heap Overflow
Affected software and version:
- Microsoft Exchange Server 2000
- Microsoft Exchange Server 2000 SP1
- Microsoft Exchange Server 2000 SP2
- Microsoft Exchange Server 2000 SP3
- Microsoft Exchange Server 5.5
- Microsoft Exchange Server 5.5 SP1
- Microsoft Exchange Server 5.5 SP2
- Microsoft Exchange Server 5.5 SP3
- Microsoft Exchange Server 5.5 SP4