[16785] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: Possible Exchange 5.5 Server DoS

daemon@ATHENA.MIT.EDU (3APA3A)
Fri Sep 15 02:03:55 2000

Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Message-Id:  <9700.000914@sandy.ru>
Date:         Thu, 14 Sep 2000 16:48:50 +0400
Reply-To: 3APA3A <3APA3A@SECURITY.NNOV.RU>
From: 3APA3A <3APA3A@SECURITY.NNOV.RU>
X-To:         Christer Enberg <chribba@DEO.COM>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To:  <F1219E765B7FD311889900E01898B1D03E2480@EXECUTOR>

Hello Christer Enberg,

12.09.2000 10:30, you wrote: Possible Exchange 5.5 Server DoS;
C> queues and then restart exchange.

C> It seems that the attachment line is the problem, by removing the attachment
C> and sending the mail nothing happens.

The problem is probably in Content-Type: field

Content-Type: multipart/mixed;
        boundary = ""

As  you  can  see  boundary (delimeter between MIME parts) is declared
empty.

It  seems  Exchange  crashes  then  it tries to locate end of the part
(every part must begin with "--" + boundary and end with boundary.

/3APA3A


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[16785] in bugtraq

Re: Possible Exchange 5.5 Server DoS

daemon@ATHENA.MIT.EDU (3APA3A)Fri Sep 15 02:03:55 2000

daemon@ATHENA.MIT.EDU (3APA3A)
Fri Sep 15 02:03:55 2000