1. Este site usa cookies. Ao continuar a usar este site está a concordar com o nosso uso de cookies. Saber Mais.
  2. A secção Microsoft/Windows encontra-se actualmente em processo de reestruturação.
    Remover anúncio

vulnerabilidades no Exchange 2000

Discussão em 'Windows Desktop e Surface' iniciada por Andr0m3da, 30 de Maio de 2002. (Respostas: 1; Visualizações: 1061)

  1. Andr0m3da

    Andr0m3da Power Member

    Microsoft has warned -at
    http://www.microsoft.com/technet/security/bulletin/MS02-025.asp- of a
    vulnerability in Exchange 2000, which could allow an attacker to launch a
    denial of service attack on the mail server, using a malformed message.
    Microsoft has also released the patch to fix this vulnerability.

    The vulnerability lies in the way that Exchange 2000 handles certain
    malformed messages. Instead of immediately rejecting the message, Exchange
    attempts to process it and causes the Store service to use 100% of the CPU
    capacity. While the Store process is performed in the Exchange server no
    other task can be carried out, resulting in a denial of service.

    Unlike other denial of service attacks, restarting the service or switching
    off and restarting the server does not solve the problem, as when Exchange
    was restarted, the process of storing the malformed message would continue.
    For this reason, after an attack of this kind, it would be necessary to wait
    for this process to finish before Exchange could continue working as normal.

    In order to launch an attack, the message would have to be sent through a
    direct connection to the Exchange 2000 server, as the vulnerability cannot
    be exploited from a standard mail client such as Outlook.

    The patch for Exchange 2000 is available at:
    http://www.microsoft.com/Downloads/Release.aspReleaseID=38951
     
  2. Korben_Dallas

    Korben_Dallas Zwame Advisor

    Essa não conhecia... 100% do CPU? :eek:

    Mais vale rejeitar o raio da mensagem...
     

Partilhar esta Página