The LDAP bind function in Exchange 5.5 has a buffer overflow that allows a remote malicious user to conduct a denial of service or execute commands.
microsoft exchange server 5.5