The Active Network
ActiveMac Anonymous | Create a User | Reviews | News | Forums | Advertise  
 

User Controls

New User

Login

Edit/View My Profile

ActiveMac

Articles

Forums

Links

News

News Search

Reviews

News Centers

Windows/Microsoft

DVD

ActiveHardware

Xbox

MaINTosh

News Search

ANet Chats

The Lobby

Special Events Room

Developer's Lounge

XBox Chat

FAQ's

Windows 98/98 SE

Windows 2000

Windows Me

Windows "Whistler" XP

Windows CE

Internet Explorer 6

Internet Explorer 5

Xbox

DirectX

DVD's

TopTechTips

Registry Tips

Windows 95/98

Windows 2000

Internet Explorer 4

Internet Explorer 5

Windows NT Tips

Program Tips

Easter Eggs

Hardware

DVD

Latest Reviews

Applications

Microsoft Windows XP Professional

Norton SystemWorks 2002

Hardware

Intel Personal Audio Player 3000

Microsoft Wireless IntelliMouse Explorer

Site News/Info

About This Site

Affiliates

ANet Forums

Contact Us

Default Home Page

Link To Us

Links

Member Pages

Site Search

Awards

Credits
©1997/2004, Active Network. All Rights Reserved.
Layout & Design by Designer Dream. Content written by the Active Network team. Please click here for full terms of use and restrictions or read our Privacy Statement.

  *  

  Microsoft Security Bulletin MS02-037: Server Response To SMTP Client EHLO Command Results In Buffer Overrun (Q326322)
Time: 00:00 EST/05:00 GMT | News Source: ActiveWin.com | Posted By: Robert Stein

The Internet Mail Connector (IMC) enables Microsoft Exchange Server to communicate with other mail servers via SMTP. When the IMC receives an SMTP extended Hello (EHLO) protocol command from a connecting SMTP server, it responds by sending a status reply that starts with the following: 250-Hello. A security vulnerability results because of an unchecked buffer in the IMC code that generates the response to the EHLO protocol command. If the total length of the message exceeds a particular value, the data would overrun the buffer. If the buffer were overrun with random data, it would result in the failure of the IMC. If, however, the buffer were overrun with carefully chosen data, it could be possible for the attacker to run code in the security context of the IMC, which runs as Exchange5.5 Service Account.

Write Comment
Return to News

  Displaying 426 through 427 of 427
Prev | First 		  The time now is 2:58:14 PM ET.
Any comment problems? E-mail us
#426 By 4240821 (166.1.149.27) at 2/13/2025 11:48:59 AM
https://hotpic.cc/album/LTpXyJXCq60UC
https://hotpic.cc/album/8YR1GMQkRmDyJ
https://hotpic.cc/album/vJSKsQJFbFbCd
https://hotpic.cc/album/3jpCloAUjMEAp
https://hotpic.cc/album/aMf3AEkNHZDh1
https://hotpic.cc/album/DQECtY1P3TdZJ
https://hotpic.cc/album/rTZHP78FP70vM
https://hotpic.cc/album/Sm8ed2Zxhkbbr
https://hotpic.cc/album/JUDYxR2uOfoDo
https://hotpic.cc/album/gfzY0cEOF2KXH

#427 By 4240821 (142.111.253.203) at 2/14/2025 9:02:52 AM
https://hotpic.cc/album/4GKlUwv6RjnwR
https://hotpic.cc/album/gtNRDPy4YJbJP
https://hotpic.cc/album/FfG1I1mrmTJQB
https://hotpic.cc/album/lrIgs5YpYd6ul
https://hotpic.cc/album/Forb7eQB6SNDA
https://hotpic.cc/album/9JwsT0U1ToVuC
https://hotpic.cc/album/3wdq3fl9cWChZ
https://hotpic.cc/album/TK2o4esORG9nv
https://hotpic.cc/album/G6bmvX0Blobpj
https://hotpic.cc/album/UzLDdfHdfrmu8

Write Comment
Return to News
  Displaying 426 through 427 of 427
Prev | First 		  The time now is 2:58:14 PM ET.
Any comment problems? E-mail us
User name and password:

 

   *  
  *   *