Microsoft Exchange Server vulnerabilities

CVE-2000-0524 [MEDIUM] CVE-2000-0524: Microsoft Outlook and Outlook Express allow remote attackers to cause a denial of service by sending Microsoft Outlook and Outlook Express allow remote attackers to cause a denial of service by sending email messages with blank fields such as BCC, Reply-To, Return-Path, or From.

CVE-1999-1043 [MEDIUM] CVE-1999-1043: Microsoft Exchange Server 5.5 and 5.0 does not properly handle (1) malformed NNTP data, or (2) malfo Microsoft Exchange Server 5.5 and 5.0 does not properly handle (1) malformed NNTP data, or (2) malformed SMTP data, which allows remote attackers to cause a denial of service (application error).

CVE-1999-0993 [HIGH] CWE-665 CVE-1999-0993: Modifications to ACLs (Access Control Lists) in Microsoft Exchange 5.5 do not take effect until the Modifications to ACLs (Access Control Lists) in Microsoft Exchange 5.5 do not take effect until the directory store cache is refreshed.

CVE-1999-0682 [MEDIUM] CVE-1999-0682: Microsoft Exchange 5.5 allows a remote attacker to relay email (i.e. spam) using encapsulated SMTP a Microsoft Exchange 5.5 allows a remote attacker to relay email (i.e. spam) using encapsulated SMTP addresses, even if the anti-relaying features are enabled.

CVE-1999-0385 [CRITICAL] CWE-120 CVE-1999-0385: The LDAP bind function in Exchange 5.5 has a buffer overflow that allows a remote attacker to conduc The LDAP bind function in Exchange 5.5 has a buffer overflow that allows a remote attacker to conduct a denial of service or execute commands.

CVE-1999-0007 [MEDIUM] CWE-327 CVE-1999-0007: Information from SSL-encrypted sessions via PKCS #1. Information from SSL-encrypted sessions via PKCS #1.

CVE-1999-0284 [HIGH] CWE-120 CVE-1999-0284: Denial of service to NT mail servers including Ipswitch, Mdaemon, and Exchange through a buffer over Denial of service to NT mail servers including Ipswitch, Mdaemon, and Exchange through a buffer overflow in the SMTP HELO command.