Microsoft Security Bulletin MS02-037 Q326322


The Internet Mail Connector (IMC) enables Microsoft Exchange Server to communicate with other mail servers via SMTP. When the IMC receives an SMTP extended Hello (EHLO) protocol command from a connecting SMTP server, it responds by sending a status reply that starts with the following: 250-Hello

Where: is the fully-qualified domain name (FQDN) of the Exchange server; is either the FQDN or the IP address of the server that initiated the connection. The FQDN would be used if the Exchange 5.5 IMC is able to resolve this information through a reverse DNS lookup; the IP address would be used if a reverse DNS lookup was not possible or failed to resolve the connecting server's IP address.

A security vulnerability results because of an unchecked buffer in the IMC code that generates the response to the EHLO protocol command. If the total length of the message exceeds a particular value, the data would overrun the buffer. If the buffer were overrun with random data, it would result in the failure of the IMC. If, however, the buffer were overrun with carefully chosen data, it could be possible for the attacker to run code in the security context of the IMC, which runs as the Exchange 5.5 Service Account.

It is important to note that the attacker could not simply send data to the IMC in order to overrun the buffer. Instead, the attacker would need to create a set of conditions that would cause the IMC to overrun its own buffer when it generated the EHLO response. Specifically, the attacker would need to ensure that a reverse DNS lookup would not only succeed, but would provide an FQDN whose length was sufficient to result in the buffer overrun.
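The class of defect described above, shown from the fixing side as an added C example (not Microsoft's code): the reply is built with a bounded write, the reverse-DNS name is length-checked, and the IP address is used when the name is unusable. The buffer size, the reply layout and all function names are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

#define REPLY_MAX    128  /* assumed size of the fixed reply buffer */
#define DNS_NAME_MAX 253  /* longest textual DNS name */

/* Unsafe pattern of the kind the bulletin describes (comment only):
 *     sprintf(reply, "250-%s Hello [%s]", server_fqdn, ptr_name);
 * ptr_name is the reverse DNS answer, so its length is set by whoever
 * controls the PTR record for the connecting address, not by the server. */

/* Hypothetical hardened builder. Returns the reply length, or -1 if even
 * the IP-address form does not fit in cap bytes. */
int build_ehlo_reply(char *reply, size_t cap, const char *server_fqdn,
                     const char *ptr_name, const char *peer_ip)
{
    const char *peer = peer_ip;              /* default: address literal */
    if (ptr_name != NULL) {
        size_t len = strlen(ptr_name);
        if (len > 0 && len <= DNS_NAME_MAX)  /* reject empty or oversized names */
            peer = ptr_name;
    }
    for (int attempt = 0; attempt < 2; attempt++) {
        int n = snprintf(reply, cap, "250-%s Hello [%s]", server_fqdn, peer);
        if (n >= 0 && (size_t)n < cap)
            return n;                        /* complete reply, no truncation */
        peer = peer_ip;                      /* name too long for the buffer */
    }
    if (cap > 0)
        reply[0] = '\0';                     /* never hand back a partial reply */
    return -1;
}

int main(void)
{
    char reply[REPLY_MAX];
    char long_ptr[DNS_NAME_MAX + 1];         /* constructed sample PTR answer */
    memset(long_ptr, 'a', DNS_NAME_MAX);
    long_ptr[DNS_NAME_MAX] = '\0';
    build_ehlo_reply(reply, sizeof reply, "mail.example.com",
                     long_ptr, "192.0.2.10");
    puts(reply);                             /* IP form: the name did not fit */
    return 0;
}
```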


  • Microsoft Security Bulletin MS02-037 Q326322
  • 5am Code
  • Windows 2000, Windows NT
  • Shareware
  • 1.1 Mb
  • 247
