=====================================================================
                                   CERT-Renater

                        Note d'Information No. 2010/VULN531
_____________________________________________________________________

DATE                      : 15/12/2010

HARDWARE PLATFORM(S)      : /

OPERATING SYSTEM(S)       : Windows Server 2003, Windows Server 2008,
                             running Microsoft Exchange Server version 2007 Service Pack 2.

======================================================================
KB2407132
http://www.microsoft.com/technet/security/Bulletin/MS10-106.mspx
______________________________________________________________________

Microsoft Security Bulletin MS10-106 - Moderate
Vulnerability in Microsoft Exchange Server Could Allow Denial of Service
(2407132)

Version: 1.0

General Information

Executive Summary

  This security update resolves a privately reported vulnerability in Microsoft
  Exchange Server. The vulnerability could allow denial of service if an
  authenticated attacker sent a specially crafted network message to a computer
  running the Exchange service. Firewall best practices and standard default
  firewall configurations can help protect networks from attacks that originate
  outside the enterprise perimeter. Best practices recommend that systems that
  are connected to the Internet have a minimal number of ports exposed.

  This security update is rated Moderate for Microsoft Exchange Server 2007
  Service Pack 2 for x64-based Systems. For more information, see the
  subsection, Affected and Non-Affected Software, in this section.

  The security update addresses the vulnerability by correcting the manner in
  which the Exchange Server store processes RPC requests. For more information
  about the vulnerability, see the Frequently Asked Questions (FAQ) subsection
  for the specific vulnerability entry under the next section, Vulnerability
  Information.

Affected Software

  Microsoft Exchange Server 2007 Service Pack 2 for x64-based Systems (2407132)

Vulnerability Information

Exchange Server Infinite Loop Vulnerability - CVE-2010-3937

  A denial of service vulnerability exists in the way that the Microsoft
  Exchange store processes specially crafted RPC calls. The vulnerable code path
  is only accessible to authenticated users. An authenticated attacker could
  exploit the vulnerability by sending a specially crafted network message to a
  computer running the Exchange service. An attacker who successfully exploited
  this vulnerability could cause the Exchange service to stop responding until
  manually restarted.

======================================================================

          =========================================================
          Les serveurs de référence du CERT-Renater
          http://www.urec.fr/securite
          http://www.cru.fr/securite
          http://www.renater.fr
          =========================================================
          + CERT-RENATER          | tel : 01-53-94-20-44          +
          + 23 - 25 Rue Daviel    | fax : 01-53-94-20-41          +
          + 75013 Paris           | email: certsvp@renater.fr     +
          =========================================================