Microsoft: >> Exchange Server >> 2000 Security Vulnerabilities
IIS 5.0 and Microsoft Exchange 2000 allow remote attackers to cause a denial of service (memory allocation error) by repeatedly sending a series of specially formatted URL's.
CVSS Score
5.0
EPSS Score
0.123
Published
2001-06-02
The installation of Microsoft Exchange 2000 before Rev. A creates a user account with a known password, which could allow attackers to gain privileges, aka the "Exchange User Account" vulnerability.
CVSS Score
7.5
EPSS Score
0.063
Published
2001-01-09
Microsoft email clients in Outlook, Exchange, and Windows Messaging automatically respond to Read Receipt and Delivery Receipt tags, which could allow an attacker to flood a mail system with responses by forging a Read Receipt request that is redirected to a large distribution list.
CVSS Score
5.0
EPSS Score
0.13
Published
2000-02-29
The installation of 1ArcServe Backup and Inoculan AV client modules for Exchange create a log file, exchverify.log, which contains usernames and passwords in plaintext.
CVSS Score
4.6
EPSS Score
0.008
Published
1998-11-12
Page 4