SMTP: Microsoft Exchange Calendar Request Heap Overflow
This signature detects attempts to exploit a known vulnerability against Microsoft Exchange Information Store service while processing Outlook calendar requests. Attackers can overwrite the heap structure, thereby causing an exception which results in a denial of service on an Exchange server. Typically, the service is not set to restart automatically if it is terminated.
Extended Description
Microsoft Exchange Server is prone to a vulnerability that may let attackers execute code remotely. This issue is exposed when the server handles emails that contain malicious calendar data that is included in meeting requests. If the issue is successfully exploited, this could completely compromise the computer hosting the mail server.
Affected Products
Microsoft exchange_server_2003
References
BugTraq: 17908
CVE: CVE-2006-0027
URL: http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:1818
Short Name
SMTP:EXCHANGE:CALENDAR-HEAP
Severity
Minor
Recommended
False
Recommended Action
None
Category
SMTP
Keywords
CVE-2006-0027 Calendar Exchange Heap Microsoft Overflow Request bid:17908
Release Date
05/09/2006
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
False Positive
Unknown
Vendors
Microsoft
CVSS Score
7.5