Microsoft KB Archive Search

Notice: This website is an unofficial Microsoft Knowledge Base (hereinafter KB) archive and is intended to provide a reliable access to deleted content from Microsoft KB. All KB articles are owned by Microsoft Corporation. Read full disclaimer for more details.

  1. Home
  2. Microsoft Exchange Server 5.0 Update Rollup

Microsoft Exchange Server 5.0 Update Rollup

View products that this article applies to.

Introduction

Microsoft has released an update rollup package for Microsoft Exchange Server 5.0 that includes the hotfixes and updates that are described in the following list. This small, comprehensive rollup of updates is an easy mechanism for managing the rollout of these fixes.

↑ Back to the top

More information

The following problems are resolved by this update:
  • A security vulnerability exists in the Internet Mail Connector that could allow an unauthenticated attacker to connect to the Simple Mail Transfer Protocol (SMTP) port on an Exchange 5.0 server and issue a specially crafted extended verb request that could allocate lots of memory. This could shut down the Internet Mail Connector or could cause the server to stop responding because of a low memory condition.

    This issue is addressed in more detail in Microsoft Security Bulletin MS03-046.
    http://www.microsoft.com/technet/security/bulletin/MS03-046.mspx
  • Remote procedure call (RPC) requests that are sent to Microsoft Exchange services do not adequately validate inputs and in some cases will accept invalid inputs that prevent normal processing. The specific input values that are affected by this problem vary from RPC server to RPC server.

    An attacker who sent such inputs to an affected RPC server could disrupt its service. The precise type of disruption would depend on the specific service, but could range in effect from minor (for example, the service temporarily stops responding or "hangs") to major (for example, the service fails in a way that would require the entire system to be restarted).

    This issue is addressed in more detail in Microsoft Security Bulletin MS01-041.
    http://www.microsoft.com/technet/security/Bulletin/MS01-041.mspx
  • Exchange 5.0 checks for invalid values in the MIME header fields as it processes incoming e-mail messages. However, if a particular type of invalid value is present in certain fields, the Exchange service will fail. You can restore ordinary operations by restarting the Exchange service and then deleting the offending e-mail message.

    This vulnerability does not allow unauthorized users to add, delete or modify e-mail messages, nor can such users usurp administrative privileges on the server through this vulnerability.

    This issue is addressed in more detail in Microsoft Security Bulletin MS00-082.
    http://www.microsoft.com/technet/security/bulletin/MS00-082.mspx
The update rollup package provides all the fixes that these three security bulletins provide. Therefore, if you install the update rollup package, all the problems that are described in these three security bulletins are corrected at the same time.

File information

The English version of this update has the file attributes (or later) that are listed in the following table. The dates and times for these files are listed in coordinated universal time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time tool in Control Panel. 
Date         Time   Version            Size    File name
   --------------------------------------------------------------
   05-Jan-2004  17:05  5.0.1462.21        26,384  Address.dll          
   05-Jan-2004  16:51  5.0.1462.21        29,456  Edbback.dll      
   05-Jan-2004  17:21  5.0.1462.21     2,022,672  Emsmta.exe       
   05-Jan-2004  17:06  5.0.1462.21        66,320  Ems_rid.dll      
   05-Jan-2004  16:41  5.0.1462.21       153,872  Imcmsg.dll       
   05-Jan-2004  17:45  5.0.1462.21       574,736  Mad.exe          
   05-Jan-2004  16:23  5.0.1462.21       451,856  Mdbmsg.dll       
   05-Jan-2004  17:06  5.0.1462.21        33,040  Mmiext.dll       
   05-Jan-2004  16:47  5.0.1462.21       478,480  Msexcimc.exe     
   05-Jan-2004  17:07  5.0.1462.21       428,816  Mt.exe           
   05-Jan-2004  17:24  5.0.1462.21       179,472  Mtacheck.exe     
   05-Jan-2004  17:06  5.0.1462.21       707,856  Mtamsg.dll       
   05-Jan-2004  16:04  5.0.1462.21     2,476,816  Store.exe        
   23-Jan-2004  19:31                    319,488  Uninst.exe       
   05-Jan-2004  17:05  5.0.1462.21       319,248  X400om.dll

↑ Back to the top

Properties

Retired KB Content Disclaimer
This article was written about products for which Microsoft no longer offers support. Therefore, this article is offered "as is" and will no longer be updated.

↑ Back to the top

Keywords: KB834130, kbqfe, kbsecurity, kbsecbulletin, kbsecvulnerability, kbbug, kbfix, kbhotfixrollup, kbexchange500fix

↑ Back to the top

Article Info
Article ID : 834130
Revision : 7
Created on : 10/26/2006
Published on : 10/26/2006
Exists online : False
Views : 228