Exchange XEXCH50 Exploit v1.14 Vulnerability exploited: CAN-2003-0714 - BID-8838 Category: Exploits/Remote This module exploits a buffer overflow and installs a level0 agent. The Internet Mail Service in Exchange Server 5.5 and Exchange 2000 allows remote attackers to cause a denial of service (memory exhaustion) by directly connecting to the SMTP service and sending a certain extended verb request (XEXCH50)In Exchange 2000 an agent could be installed exploiting a buffer overflow in the same SMTP command. Supported Systems: Windows 2000 Advanced Server - sp4 (i386) Windows 2000 Server - sp4 (i386) Exchange 2000 Exchange 2000 sp1 Exchange 2000 sp2 Exchange 2000 sp3 This module is included in the latest version of CORE IMPACT, the first automated comprehensive penetration testing product for accurately identifying information security risks. Click here to learn more about the product.