Microsoft Security Bulletin MS05-021:
Vulnerability in Exchange Server Could Allow Remote Code Execution (894549)
Bulletin URL:
<http://www.microsoft.com/technet/security/Bulletin/MS05-021.mspx>
Version Number: 1.0
Issued Date: Tuesday, April 12, 2005
Impact of Vulnerability: Remote Code Execution
Maximum Severity Rating: Critical
Patch(es) Replaced: This bulletin replaces a prior security update. See the
frequently asked questions (FAQ) section of this bulletin for the complete list.
Caveats: None
Tested Software:
Affected Software:
------------------
* Microsoft Exchange 2000 Server Service Pack 3
<http://tinyurl.com/5usww>
* Microsoft Exchange Server 2003
<http://tinyurl.com/6rytx>
* Microsoft Exchange Server 2003 Service Pack 1 Exchange 2000 Server Service
Pack 3
<http://tinyurl.com/3v7h5>
Technical Description:
----------------------
* Exchange Server Vulnerability - CAN-2005-0560: A remote code execution
vulnerability exists in Microsoft Exchange Server that that could allow an
attacker to connect to the SMTP port on an Exchange server and issue a
specially-crafted command that could result in a denial of service or allow an
attacker to run malicious programs of their choice in the security context of
the SMTP service.
This email is sent to NTBugtraq automagically as a service to my subscribers.
(v4.01.1928.12470)
Cheers,
Russ Cooper - Senior Scientist - Cybertrust/NTBugtraq Editor
--
NTBugtraq Editor's Note:
Most viruses these days use spoofed email addresses. As such, using an
Anti-Virus product which automatically notifies the perceived sender of a
message it believes is infected may well cause more harm than good. Someone who
did not actually send you a virus may receive the notification and scramble
their support staff to find an infection which never existed in the first
place. Suggest such notifications be disabled by whomever is responsible for
your AV, or at least that the idea is considered.
--
