Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

Short Name

 SMTP:EXCHANGE:INV_BDAT_SEC_LEN

Severity

 High

Recommended

 No

Category

 SMTP

Release Date

 2003/12/19

Update Number

 1213

Supported Platforms

 di-5.3+, idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

SMTP: Invalid BDAT Section Length


This protocol anomaly is a BDAT with a chunk-size larger than 0x7fffffff. A successful attacker could cause all services to fail on the target system.

Extended Description

It has been reported that the native Windows 2000 and XP Professional SMTP service encounters difficulties when attempting to handle certain types of malformed SMTP commands. A remote attacker may be able to exploit this condition to cause a denial of SMTP service. The vulnerable software must be restarted to regain normal functionality.

Affected Products

  • Microsoft Exchange Server 2000 SP1
  • Microsoft Exchange Server 2000 SP2
  • Microsoft Exchange Server 2000
  • Microsoft Windows 2000 Advanced Server SP1
  • Microsoft Windows 2000 Advanced Server SP2
  • Microsoft Windows 2000 Advanced Server
  • Microsoft Windows 2000 Professional SP1
  • Microsoft Windows 2000 Professional SP2
  • Microsoft Windows 2000 Professional
  • Microsoft Windows 2000 Server SP1
  • Microsoft Windows 2000 Server SP2
  • Microsoft Windows 2000 Server
  • Microsoft Windows XP Professional

References

  • BugTraq: 4204
  • CVE: CVE-2002-0055
  • URL: http://www.juniper.net/security/auto/vulnerabilities/vuln1437.html
  • URL: http://www.microsoft.com/technet/security/bulletin/MS02-012.mspx

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out