SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (E-mail Server)  >   Microsoft Exchange Vendors:   Microsoft
Microsoft Exchange Server RPC Input Validation Failure Lets Remote Users Crash the Exchange Service
SecurityTracker Alert ID:  1002104
SecurityTracker URL:  http://securitytracker.com/id/1002104
CVE Reference:   CVE-2001-0509   (Links to External Site)
Date:  Jul 28 2001
Impact:   Denial of service via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): Microsoft Exchange Server 5.5, Microsoft Exchange Server 2000
Description:   Microsoft reported that Bindview discovered a vulnerability in the RPC servers associated with several products, including Microsoft Exchange. The security hole allows a remote user to send a malformed RPC message to the Exchange Server potentially causing the service to crash or causing the operating system to become unstable.

It is reported that one or more RPC servers used by Exchange fails to validate input received from an RPC stub (which is based on user-supplied data). If the data does not match the specifications in the stub's interface definition or if the data is otherwise out of range, the RPC server may behave unpredicatbly or may crash.

Similar flaws are contained in Microsoft SQL Server and Microsoft's Windows 2000 and Windows NT operating systems (see the separate Alerts for these other product vulnerabilities).

Impact:   A remote user can send a malformed RPC message to Microsoft Exchange to cause it to crash or cause the operating system to become unstable.
Solution:   The vendor has released patches. See the Vendor URL to obtain the latest patch information.
Vendor URL:  www.microsoft.com/technet/security/bulletin/MS01-041.asp (Links to External Site)
Cause:   Input validation error
Underlying OS:  Windows (NT), Windows (2000)

Message History:   None.


 Source Message Contents

Subject:  Microsoft Security Bulletin MS01-041


The following is a Security  Bulletin from the Microsoft Product Security
Notification Service.

Please do not  reply to this message,  as it was sent  from an unattended
mailbox.
                    ********************************

-----BEGIN PGP SIGNED MESSAGE-----

- ----------------------------------------------------------------------
Title:      Malformed RPC Request Can Cause Service Failure
Date:       26 July 2001
Software:   Exchange Server 5.5, Exchange Server 2000, 
            SQL Server 7.0, SQL Server 2000, Windows NT 4.0,
            Windows 2000
Impact:     Denial of service
Bulletin:   MS01-041

Microsoft encourages customers to review the Security Bulletin at: 
http://www.microsoft.com/technet/security/bulletin/MS01-041.asp.
- ----------------------------------------------------------------------

Issue:
======
Several of the RPC servers associated with system services in
Microsoft 
Exchange, SQL Server, Windows NT 4.0 and Windows 2000 do not
adequately 
validate inputs, and in some cases will accept invalid inputs that 
prevent normal processing. The specific input values at issue here
vary 
from RPC server to RPC server. 

An attacker who sent such inputs to an affected RPC server could 
disrupt its service. The precise type of disruption would depend on
the 
specific service, but could range in effect from minor (e.g., the 
service temporarily hanging) to major (e.g., the service failing in a
way that would require the entire system to be restarted). 

Mitigating Factors:
====================
 - Proper firewalling would help minimize an affected system's 
   exposure to attack by Internet-based users. In general, a 
   firewall should block access to all RPC services except 
   those that are specifically intended for use by untrusted users. 

Patch Availability:
===================
 - A patch is available to fix this vulnerability. Please read the 
   Security Bulletin
   http://www.microsoft.com/technet/security/bulletin/ms01-041.asp
   for information on obtaining this patch.

Acknowledgment:
===============
 - Bindview's Razor Team (http://razor.bindview.com) 

- ---------------------------------------------------------------------

THE INFORMATION PROVIDED IN THE MICROSOFT KNOWLEDGE BASE IS PROVIDED 
"AS IS" WITHOUT WARRANTY OF ANY KIND. MICROSOFT DISCLAIMS ALL 
WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING THE WARRANTIES OF 
MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. IN NO EVENT
SHALL 
MICROSOFT CORPORATION OR ITS SUPPLIERS BE LIABLE FOR ANY DAMAGES 
WHATSOEVER INCLUDING DIRECT, INDIRECT, INCIDENTAL, CONSEQUENTIAL,
LOSS 
OF BUSINESS PROFITS OR SPECIAL DAMAGES, EVEN IF MICROSOFT CORPORATION
OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH
DAMAGES. 
SOME STATES DO NOT ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY FOR
CONSEQUENTIAL OR INCIDENTAL DAMAGES SO THE FOREGOING LIMITATION MAY
NOT 
APPLY.



-----BEGIN PGP SIGNATURE-----
Version: PGP Personal Privacy 6.5.3

iQEVAwUBO2CYdY0ZSRQxA/UrAQFskQgAhCSiUL+P1jGqprMKaymZ4o7Pe6MtXR+S
7GaVkXvTDKzOGwvIw23lOsR3G5d+TJUtNxpVBQwOJus82Es6rpJWjcCYzg4evZgv
wAy68V2dxNbTgk7sEKgIAUwkDGETiKONj5EyEIQfeC/UePXZmtGhzBKAmtXPmYL/
me5TNmWOwu6398OnTKBD4JC2raUpbdXEQ6/OSHAQJiUTEObhOE8ZnrxZ0ZHjsD9S
/Hw7XONVJ597mOkW3VtucH7ztKoUAvp5tkE3pwS2nKrRtT/9qatD9m18+J56PeMA
7K283xP4ILs/SQjJRwYbCL+IxnUrFi5nvAPL3y2xr9XRa4p8nxCBkg==
=GuBL
-----END PGP SIGNATURE-----

   *******************************************************************
You have received  this e-mail bulletin as a result  of your registration
to  the   Microsoft  Product  Security  Notification   Service.  You  may
unsubscribe from this e-mail notification  service at any time by sending
an  e-mail  to  MICROSOFT_SECURITY-SIGNOFF-REQUEST@ANNOUNCE.MICROSOFT.COM
The subject line and message body are not used in processing the request,
and can be anything you like.

To verify the digital signature on this bulletin, please download our PGP
key at http://www.microsoft.com/technet/security/notify.asp.

For  more  information on  the  Microsoft  Security Notification  Service
please  visit  http://www.microsoft.com/technet/security/notify.asp.  For
security-related information  about Microsoft products, please  visit the
Microsoft Security Advisor web site at http://www.microsoft.com/security.

 
 


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2021, SecurityGlobal.net LLC