Published: 17/11/2003 Updated: 09/04/2020

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 760

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

The Internet Mail Service in Exchange Server 5.5 and Exchange 2000 allows remote malicious users to cause a denial of service (memory exhaustion) by directly connecting to the SMTP service and sending a certain extended verb request, possibly triggering a buffer overflow in Exchange 2000.

Vulnerable Product	Search on Vulmon	Subscribe to Product
microsoft exchange server 5.5
microsoft exchange server 2000

## # $Id: ms03_046_exchange2000_xexch50rb 10998 2010-11-11 22:43:22Z jduck $ ## ## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions Please see the Metasploit # Framework web site for more information on licensing and terms of use # metasploitcom/framework/ ## require 'ms ...

#!/usr/bin/perl -w ################## ## # ms03-046pl - hdm metasploit com # This vulnerability allows a remote unauthenticated user to overwrite big chunks # of the heap used by the inetinfoexe process Reliably exploiting this bug is # non-trivial; even though the entire buffer is binary safe (even nulls) and can be # just about any size, t ...

CWE-400 http://www.kb.cert.org/vuls/id/422156 http://www.securityfocus.com/bid/8838 http://www.cert.org/advisories/CA-2003-27.html http://marc.info/?l=bugtraq&m=106682909006586&w=2 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-046 https://nvd.nist.gov https://www.exploit-db.com/exploits/16820/https://www.kb.cert.org/vuls/id/422156

CVE-2003-0714

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect