Wednesday, April 13, 2005

Exchange 2000/3 Security vulnerability

Snippet from MS-05-021 -

A remote code execution vulnerability exists in Microsoft Exchange Server that that could allow an attacker to connect to the SMTP port on an Exchange server and issue a specially-crafted command that could result in a denial of service or allow an attacker to run malicious programs of their choice in the security context of the SMTP service.

Further info and links for download can be found here

No comments: