DOCUMENT:Q188369 21-APR-1999 [exchange] TITLE :XADM: AUTHINFO Command Causes Information Store Problems PRODUCT :Microsoft Exchange PROD/VER:WINDOWS:5.0,5.5 OPER/SYS: KEYWORDS: ====================================================================== ------------------------------------------------------------------------------- The information in this article applies to: - Microsoft Exchange Server, versions 5.0, 5.5 ------------------------------------------------------------------------------- SYMPTOMS ======== A malicious attacker could connect to the NNTP port of an Exchange Server 5.5 or 5.0 machine and disrupt the information store process by issuing specific sequences of AUTHINFO commands. When this occurs, an application error similar to one of the following may occur: - The instruction at "0x00611a00" referenced memory at "0x8b4475db". The memory could not be "read". - The instruction at "0x005cd600" referenced memory at "0x068fb87a". The memory could not be "written". In addition, the Exchange Server information store may stop unexpectedly, causing the Internet Mail Service and other Exchange Server information services to no longer function properly. CAUSE ===== Improper checking of bounds conditions on certain AUTHINFO command sequences can result in a buffer overflow. STATUS ====== Microsoft has confirmed this to be a problem in Microsoft Exchange Server version 5.0. A supported fix is now available, but has not been fully regression-tested and should be applied only to systems experiencing this specific problem. Unless you are severely impacted by this specific problem, Microsoft recommends that you wait for the next service pack that contains this fix. Contact Microsoft Technical Support for more information. This fix has been posted to the following Internet location: ftp://ftp.microsoft.com/bussys/exchange/exchange-public/fixes/Eng/Exchg5.0/Post-SP2-STORE/ Microsoft has confirmed this to be a problem in Microsoft Exchange Server version 5.5. This problem has been corrected in the latest U.S. service pack for Microsoft Exchange Server version 5.5. For information on obtaining the service pack, query on the following word in the Microsoft Knowledge Base (without the spaces): S E R V P A C K Additional query words: ims internet mail connector imc ====================================================================== Keywords : Technology : kbExchangeSearch kbExchange500 kbExchange550 kbZNotKeyword2 Version : WINDOWS:5.0,5.5 Issue type : kbbug Solution Type : kbfix ============================================================================= THE INFORMATION PROVIDED IN THE MICROSOFT KNOWLEDGE BASE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. MICROSOFT DISCLAIMS ALL WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING THE WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. IN NO EVENT SHALL MICROSOFT CORPORATION OR ITS SUPPLIERS BE LIABLE FOR ANY DAMAGES WHATSOEVER INCLUDING DIRECT, INDIRECT, INCIDENTAL, CONSEQUENTIAL, LOSS OF BUSINESS PROFITS OR SPECIAL DAMAGES, EVEN IF MICROSOFT CORPORATION OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. SOME STATES DO NOT ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES SO THE FOREGOING LIMITATION MAY NOT APPLY. Copyright Microsoft Corporation 1999.