Microsoft Exchange X-LINK2STATE buffer overflow

Added: 01/13/2006
CVE: CVE-2005-0560
BID: 13118
OSVDB: 15467

Background

Microsoft Exchange is an e-mail server for Microsoft Windows operating systems.

Problem

A buffer overflow condition in the handling of the X-LINK2STATE extended verb could allow a remote attacker to execute arbitrary commands.

Resolution

Install the patch referenced in Microsoft Security Bulletin 05-021.

References

http://www.microsoft.com/technet/security/bulletin/ms05-021.mspx

Limitations

Exploit works on Exchange 2000 SP3. Unauthenticated exploitation is not possible against Windows Server 2003. Since this is a heap-based buffer overflow, exploit may not be reliable. Automated penetration test might not be able to pick the correct Exchange target type since there is no way to determine it remotely.

Platforms

Windows 2000

Back to exploit index