CVE-2007-0221

Name of the Vulnerable Software and Affected Versions Microsoft Exchange Server 2000 SP3

Description The issue is related to an integer overflow in the IMAP support, allowing remote attackers to cause a denial of service by sending crafted literals in an IMAP command. This can also be exploited by sending specially crafted IMAP requests to a Microsoft Exchange Server configured as an IMAP server, causing the mail service to stop responding.

Recommendations For Microsoft Exchange Server 2000 SP3, consider restricting access to IMAP services until a fix is available. As a temporary workaround, avoid using the IMAP server functionality until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.