• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Microsoft Exchange Server SMTP HELO Argument Buffer Overflow Vulnerability

It has been reported that Microsoft Exchange server is prone to an SMTP HELO command argument buffer overflow vulnerability.

The issue presents itself likely due to insufficient bounds checking performed when handling malicious SMTP HELO command arguments of excessive length. It has been reported that a remote attacker may exploit this condition to trigger a denial of service in the affected daemon.