[Am-info] Microsoft Exchange 2003 May Provide Access to Wrong Mailbox
Fred Miller
fmiller@lightlink.com
Tue, 13 Jan 2004 15:52:52 -0500
Microsoft Exchange 2003 May Provide Access to Wrong Mailbox
CRITICAL:
Less critical
IMPACT:
Exposure of sensitive information
WHERE:
From remote
SOFTWARE:
Microsoft Exchange Server 2003
DESCRIPTION:
Microsoft has reported a weakness in Exchange Server 2003, which is
caused due to a bug in the handling of NTLM authentication in Outlook
Web Access.
Systems configured to use NTLM instead of Kerberos (which is the
default authentication scheme) may provide users access to mailboxes
belonging to other users who have recently accessed their
mailbox.
Microsoft Sharepoint Services may cause the configuration to be
changed so that NTLM authentication is used instead of Kerberos.
It is not possible for a malicious user to control which mailbox to
access.
SOLUTION:
Microsoft has issued patches:
http://www.microsoft.com/downloads/details.aspx?FamilyId=9542F949-D09B-4199-A837-FBCFC0567676&displaylang=en
ORIGINAL ADVISORY:
Vulnerability in Exchange Server 2003 Could Lead to Privilege
Escalation (832759)
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS04-002.asp
-- 
"...Linux, MS-DOS, and Windows XP (also known as the Good, the Bad, and
the Ugly)."