Users login

Create an account »


Users login

Home » Hacking News » Norton AntiVirus for Microsoft Exchange 2000 Information Disclosure

Norton AntiVirus for Microsoft Exchange 2000 Information Disclosure

by Phiber on September 9th, 2001 A problem exists in Microsoft Exchange 2000 when running with Norton AntiVirus for Microsoft Exchange. A host running this combination of software can be tricked into disclosing mail directory paths to an attacker.

Message attachments sent to an affected host will be scanned for malicious content by Norton AntiVirus for Microsoft Exchange. Upon rejection, the message will be bounced back to the sender with notification of why the message was rejected. When this happens, the path to the intended recipient's INBOX is sent in the message header of the rejection notification. The expected behavior is that the header in the returned message will only contain the destination address of the user and not the path of the user's INBOX.

This can be exploited by an attacker who intentionally crafts a message to a user on the host which contains an attachment which will be rejected by the host.


Disable the notification feature that returns rejected messages to the sender.

Credits for this vulnerability go to Matthias Andree ([email protected]).

Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.


Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »