Business Publications

Topic: RSS Feed
Comments

MS02-037: Server response to simple mail transport protocol client EHLO command results in buffer overrun. (Microsoft: security alerts and advisories issued).(Brief Article)(Product Announcement)

Information Systems Auditor, September, 2002

Issue

A security vulnerability results because of an unchecked buffer in the IMC code that generates the response to the EHLO protocol command. If the total length of the message exceeds a particular value, the data would overrun the buffer. If the buffer were overrun with random data, it would result in the failure of the IMC. If, however, the buffer were overrun with carefully chosen data, it could be possible for attackers to run code in the security context of the IMC, which runs as Exchange5.5 Service Account.

It is important to note that attackers could not simply send data to the IMC in order to overrun the buffer. Instead, they would need to create a set of conditions that would cause the IMC to overrun its own buffer when it generated the...

Read the rest of this article with a Free Trial at HighBeam Research.
Premium Content Partnership | HighBeam Research provides an in-depth online archive library of reference works. HighBeam Research
 

BNET TalkbackShare your ideas and expertise on this topic

Please add your comment:
  1. You are currently: a Guest |
  4.  

Basic HTML tags that work in comments are: bold (<b></b>), italic (<i></i>), underline (<u></u>), and hyperlink (<a href></a)

advertisement
advertisement
  • Click Here
  • Click Here
  • Click Here
  • Click Here
advertisement
Click Here
Presented by American Express