SecurityTracker: (Microsoft Issues Fix) Microsoft Exchange 2003 With Outlook Web Access and Windows SharePoint Services May Grant Incorrect E-mail Account Access to Remote Authenticated Users

	Keep Track of the Latest Vulnerabilities with SecurityTracker!

Home | View Topics | Search | Contact Us |

SecurityTracker
Archives

Sign Up for Your FREE Weekly SecurityTracker E-mail Alert Summary

Instant Alerts

Buy our Premium Vulnerability Notification Service to receive customized, instant alerts

Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!

Become a Partner and License Our Database or Notification Service

Report a Bug

Report a vulnerability that you have found to SecurityTracker
bugs
@
securitytracker.com

Category: Application (E-mail Server) > Microsoft Exchange

Vendors: Microsoft

(Microsoft Issues Fix) Microsoft Exchange 2003 With Outlook Web Access and Windows SharePoint Services May Grant Incorrect E-mail Account Access to Remote Authenticated Users

SecurityTracker Alert ID: 1008700

SecurityTracker URL: http://securitytracker.com/id/1008700

CVE Reference: CAN-2003-0904 (Links to External Site)

Updated: Jan 15 2004

Original Entry Date: Jan 13 2004

Impact: User access via network

Fix Available: Yes Vendor Confirmed: Yes

Version(s): 2003

Description: A vulnerability was reported in Microsoft Exchange 2003 when used with Outlook Web Access and Windows SharePoint Services. The system may grant a remote authenticated user access to the wrong e-mail account.

Matthew Johnson reported that a remote authenticated user may be granted full access to a random user's mailbox.

Martin Blackstone noted that Microsoft issued a support article on the topic. Microsoft reports that when Windows SharePoint Services 2.0 is installed on a Windows Server 2003 system that is running Exchange Server 2003, Kerberos authentication on Internet Information Services (IIS) may be disabled. As a result, Outlook Web Access requests may be incorrectly handled, the report said.

Impact: A remote authenticated user may be granted full access to a random user's mailbox.

Solution: The vendor has released a fix for Exchange Server 2003, available at:

http://www.microsoft.com/downloads/details.aspx?FamilyId=9542F949-D09B-4199-A837-FBCFC0567676&displaylang=en

Microsoft plans to include this fix in Exchange Server 2003 SP1.

This patch does not require the computer to restart.

The vendor reports that a disruption in OWA and Simple Mail Transfer Protocol (SMTP) mail flow and other Internet Information Services (IIS) applications may occur during the patching process.

Vendor URL: www.microsoft.com/technet/security/bulletin/ms04-002.asp (Links to External Site)

Cause: Authentication error, State error

Underlying OS: Windows (2003)

Message History: This archive entry is a follow-up to the message listed below.

Microsoft Exchange 2003 With Outlook Web Access and Windows SharePoint Services May Grant Incorrect E-mail Account Access to Remote Authenticated Users

Source Message Contents

Date: Tue, 13 Jan 2004 14:37:34 -0500
Subject: MS04-002


http://www.microsoft.com/technet/security/bulletin/ms04-002.asp

MS04-002

Vulnerability in Exchange Server 2003 Could Lead to Privilege Escalation (832759)

Microsoft Outlook Web Access for Microsoft Exchange Server 2003

Maximum Severity Rating: Moderate

CVE:  CAN-2003-0904

A vulnerability has been reported in Microsoft Outlook Web Access (OWA) for Microsoft 
Exchange Server 2003 in the reuse of HTTP connections with NTLM authentication.  A remote 
authenticated OWA user may be able to access a target user's mailbox in certain situations.

It is reported that if the target user's mailbox is hosted on the same back-end server as 
the remote authenticated user and if the target user has recently access their mailbox, 
the flaw may occur.  According to the report, the remote user cannot specify or control 
which target user mailbox is accessed.

The flaw may occur when the web server running the Exchange Server 2003 programs on the 
Exchange back-end server has been specifically configured to not use the default Kerberos 
authentication, causing OWA to fall back to using NTLM authentication.  This specific 
configuration may occur when Microsoft Windows SharePoint Services 2.0 is installed on a 
Windows Server 2003 server that also operates as an Exchange Server 2003 back-end.

Only systems that use a front-end server that hosts OWA for Exchange 2003 Server on 
Windows 2000 or Windows Server 2003 in conjunction with a back-end Exchange Server 2003 
that on Windows Server 2003 are affected by this flaw.

The vendor reports that Exchange Server 2000 and 5.5 are not affected.


The vendor has released a fix for Exchange Server 2003, available at:

http://www.microsoft.com/downloads/details.aspx?FamilyId=9542F949-D09B-4199-A837-FBCFC0567676&displaylang=en

Microsoft plans to include this fix in Exchange Server 2003 SP1.

This patch does not require the computer to restart.

The vendor reports that a disruption in OWA and Simple Mail Transfer Protocol (SMTP) mail 
flow and other Internet Information Services (IIS) applications may occur during the 
patching process.

Go to the Top of This SecurityTracker Archive Page

Home | View Topics | Search | Contact Us
Copyright 2012, SecurityGlobal.net LLC