Microsoft Exchange and Windows SMTP Service Could Allow Denial of Service Vulnerabilities
RISK: Medium Risk
1. SMTP Server MX Record Vulnerability
A denial of service vulnerability exists in the way that the Microsoft Windows Simple Mail Transfer Protocol (SMTP) component handles specially crafted DNS Mail Exchanger (MX) resource records. Exploitation would not require authentication: an attacker could exploit the vulnerability by sending a specially crafted network message to a computer running the SMTP service. An attacker who successfully exploited this vulnerability could cause the SMTP service to stop responding until restarted.
2. SMTP Memory Allocation Vulnerability
An information disclosure vulnerability exists in the Microsoft Windows Simple Mail Transfer Protocol (SMTP) component due to the manner in which the SMTP component handles memory allocation. An attacker could exploit the vulnerability by sending invalid commands, followed by the STARTTLS command, to an affected server. An attacker who successfully exploited this vulnerability could read random e-mail message fragments stored on the affected server. Note that this vulnerability would not allow an attacker to execute code or to elevate their user rights directly, but the information disclosed could be used to try to further compromise the affected system.
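A defender-side check for the pattern described in item 2 (invalid commands followed by STARTTLS), as an added example that is not part of the original advisory or any vendor code: it scans an SMTP transcript log and flags sessions that issued STARTTLS after repeated rejected commands. The log format, the sample lines, the function name `flag_sessions` and the threshold of 2 are assumptions made for illustration; 500 and 502 are the RFC 5321 reply codes for unrecognized and unimplemented commands.

```python
import re
from collections import defaultdict

# RFC 5321 replies for a command rejected as unrecognized / not implemented.
REJECT_CODES = {"500", "502"}
LINE_RE = re.compile(r"^(?P<sid>\S+)\s+(?P<dir>[CS]):\s*(?P<text>.*)$")

# Constructed sample log (hypothetical format: "<session> C:|S: <text>").
SAMPLE_LOG = """\
s1 C: EHLO mail.example.org
s1 S: 250 OK
s1 C: STARTTLS
s1 S: 220 Ready to start TLS
s2 C: EHLO probe.example.net
s2 S: 250 OK
s2 C: XQZZ 1
s2 S: 500 Unrecognized command
s2 C: FOOBAR
s2 S: 500 Unrecognized command
s2 C: starttls
s2 S: 220 Ready to start TLS
s3 C: HELO old.example.com
s3 S: 250 OK
s3 C: VRFY postmaster
s3 S: 502 Command not implemented
s3 C: QUIT
s3 S: 221 Bye
"""

def flag_sessions(log_text, threshold=2):
    """Return {session: rejected_count} for sessions that sent STARTTLS
    after at least `threshold` rejected commands (threshold is an assumption)."""
    rejected = defaultdict(int)
    flagged = {}
    for raw in log_text.splitlines():
        m = LINE_RE.match(raw.strip())
        if not m:
            continue  # skip blank or malformed lines
        sid, direction, text = m.group("sid", "dir", "text")
        if direction == "S":
            if text[:3] in REJECT_CODES:
                rejected[sid] += 1
        elif text.split(" ", 1)[0].upper() == "STARTTLS":
            # SMTP verbs are case-insensitive, so compare in upper case.
            if rejected[sid] >= threshold and sid not in flagged:
                flagged[sid] = rejected[sid]
    return flagged

if __name__ == "__main__":
    for sid, count in flag_sessions(SAMPLE_LOG).items():
        print(f"{sid}: STARTTLS after {count} rejected commands")
```

A hit is only a lead for review on unpatched servers; misconfigured clients can also produce rejected commands before STARTTLS.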
Impact
- Denial of Service
- Information Disclosure
System / Technologies affected
- Microsoft Windows 2000
- Windows XP
- Windows Server 2003
- Windows Server 2008
- Windows Server 2008 R2
- Microsoft Exchange Server 2000
- Microsoft Exchange Server 2003
- Microsoft Exchange Server 2007
- Microsoft Exchange Server 2010
Solutions
Before installing the software, please visit the software manufacturer's website for more details.
Download locations for this patch
- Microsoft Windows 2000 Service Pack 4
- Windows XP Service Pack 2 and Windows XP Service Pack 3
- Windows XP Professional x64 Edition Service Pack 2
- Windows Server 2003 Service Pack 2
- Windows Server 2003 x64 Edition Service Pack 2
- Windows Server 2003 with SP2 for Itanium-based Systems
- Windows Server 2008 for 32-bit Systems and Windows Server 2008 for 32-bit Systems Service Pack 2
- Windows Server 2008 for x64-based Systems and Windows Server 2008 for x64-based Systems Service Pack 2
- Windows Server 2008 R2 for x64-based Systems
- Microsoft Exchange Server 2000 Service Pack 3
- Microsoft Exchange Server 2003 Service Pack 2
- Microsoft Exchange Server 2007 Service Pack 1 for x64-based Systems
- Microsoft Exchange Server 2007 Service Pack 2 for x64-based Systems
- Microsoft Exchange Server 2010 for x64-based Systems
Vulnerability Identifier
Source