Security patch issued for Exchange, IIS 5 DoS holes
Microsoft Corp. is recommending users of Exchange 2000 and Internet Information Server 5.0 install a patch that can prevent a denial of service attack.
The vulnerability in both servers is exploited using a malformed URL which, when sent repeatedly, can overwhelm either IIS or Exchange and cause a failure.
Each server, however, has an automatic restart that would put the server back online quickly, according to Microsoft. The vulnerability does not allow the attacker to gain administrative control or change any data, but if it is exploited, Web and e-mail service can be interrupted.
An attack on an Exchange 2000 Server, however, would only affect Web-based mail clients and not MAPI clients on the network. Exchange 2000 allows the use of URL-based access to the mail store within the server's Web Storage System. In addition, since the attacker would need to sign on to the Exchange server before delivering the malformed URL, the exploit is harder to carry out on Exchange.
"The Exchange side has a higher level of security against this bug because you have to get authorization to the server," says Chris Baker, lead product manager for Exchange Server. "Technically this could happen but there are a number of things that have to line up and the vulnerability doesn't use a typical URL."
The flaw is rooted in the handling of URLs that have a length within a narrow range of values. If such a URL is sent repeatedly to the server, it causes a memory allocation error that crashes the server.
Exchange and IIS use separate code to process URLs, but both contain the same flaw. Because IIS is installed as part of Exchange 2000, an Exchange 2000 administrator needs to install both patches.
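Because the attack described above relies on a client repeatedly sending URLs whose length falls in a narrow band, an administrator can spot it in the IIS W3C extended logs before the automatic restart hides it. The following detection script is an added example and is not from the article or from Microsoft; the LENGTH_BAND values and the log lines are constructed placeholders, since the article does not give the affected length range.

```python
"""Flag clients that repeatedly request URLs whose length falls in a
suspicious band, from IIS W3C extended log lines.

Added example, not from the original article. LENGTH_BAND is a
placeholder: the article only says the affected URLs have a length
"within a narrow range"; take the real range from the vendor advisory.
"""
from collections import defaultdict

LENGTH_BAND = (2048, 2100)   # placeholder band, not the real range
BURST_THRESHOLD = 5          # repeated in-band requests from one client

# Constructed W3C log: field order is declared by the #Fields header.
SAMPLE_LOG = """#Fields: date time c-ip cs-method cs-uri-stem cs-uri-query sc-status
2001-06-01 10:00:01 10.0.0.5 GET /exchange/ - 200
2001-06-01 10:00:02 10.0.0.9 GET /default.htm - 200
""" + "".join(
    f"2001-06-01 10:00:{3 + i:02d} 10.0.0.7 GET /{'A' * 2060} - 500\n"
    for i in range(6)
)

def parse_w3c(text):
    """Yield one dict per request, keyed by the names in the #Fields header."""
    fields = None
    for line in text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]
        elif line and not line.startswith("#") and fields:
            yield dict(zip(fields, line.split()))

def url_length(rec):
    """Length of the request target as the server saw it (stem plus query)."""
    stem = rec["cs-uri-stem"]
    query = rec.get("cs-uri-query", "-")
    return len(stem) if query == "-" else len(stem) + 1 + len(query)

def find_bursts(text, band=LENGTH_BAND, threshold=BURST_THRESHOLD):
    """Return {client_ip: count} for clients at or above the threshold."""
    lo, hi = band
    counts = defaultdict(int)
    for rec in parse_w3c(text):
        if lo <= url_length(rec) <= hi:
            counts[rec["c-ip"]] += 1
    return {ip: n for ip, n in counts.items() if n >= threshold}

if __name__ == "__main__":
    print(find_bursts(SAMPLE_LOG))
```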
The patches are available at:
Microsoft IIS release 28155 download
Microsoft Exchange 2000 release 28369
Network World Fusion