The LDAP bind function in Exchange 5.5 has a buffer overflow that allows a remote attacker to conduct a denial of service or execute commands.
https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-009
https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-009