[Am-info] Windows SMTP Service Invalid Timestamp Denial of Service
Fred A. Miller
fmiller@lightlink.com
Wed, 16 Jul 2003 18:57:55 -0400
Didn't Gates and/or Ballmer recently make the claim that '2000 and XP were a
LOT more secure than anything else? 'Coulda fooled me......been a LOT of
these alerts lately. :)
Fred
Windows SMTP Service Invalid Timestamp Denial of Service
READ ONLINE:
http://www.secunia.com/advisories/9286/
CRITICAL:
Moderately critical
IMPACT:
DoS
WHERE:
From remote
OPERATING SYSTEM:
Microsoft Windows 2000 Server
SOFTWARE:
Microsoft Exchange 2000 Enterprise Server
Microsoft Exchange Server 2000
DESCRIPTION:
A vulnerability has been identified in Windows 2000 Server and
Exchange Server 2000, which can be exploited by malicious people to
cause a DoS (Denial of Service) on the SMTP service.
The vulnerability is caused due to an error when handling emails with
invalid timestamps. This can be exploited by sending an email with a
specially crafted FILETIME attribute, which will crash the SMTP
service or cause it to stop responding.
According to Microsoft, the vulnerability exists in the following
products:
- Microsoft Windows 2000 Server SP2
- Microsoft Windows 2000 Server SP3
- Microsoft Exchange 2000 Server
SOLUTION:
Apply Windows 2000 Service Pack 4:
http://www.microsoft.com/windows2000/downloads/servicepacks/sp4/default.asp
NOTE: This Service Pack also addresses multiple other issues. For a
list of security fixes see:
http://support.microsoft.com/default.aspx?kbid=821665
ORIGINAL ADVISORY:
http://support.microsoft.com/default.aspx?kbid=330716
OTHER REFERENCES:
http://www.kb.cert.org/vuls/id/155252
-- 
Planet Earth - a subsidiary of Microsoft®.
We have no bugs in our software, Never!,
We do have undocumented added features,
that you will find amusing, at no added cost,
to you, at this time.