VID 26141
Severity 30
Port 139,445
Protocol TCP
Class SMB
Detailed Description The hotfix (895179) for 'XSS vulnerability in OWA for Exchange Server 5.5' has not been applied. Microsoft Exchange 5.5 Server using the Outlook Web Access (OWA) service is vulnerable to cross-site scripting and spoofing attacks, caused by a vulnerability when OWA performs HTML encoding in the Compose New Message form.
The cross-site scripting (XSS) vulnerability could allow an attacker to convince a user to run a malicious script. Successful exploitation of this vulnerability would allow an attacker to inject arbitrary script code into the Web Access session. This could allow for the theft of authentication information, which could lead to a compromised mail account. In order for exploitation to occur, the targeted user would only have to view an e-mail from an attacker. It may also be possible to exploit the vulnerability to manipulate Web browser caches and intermediate proxy server caches, and put spoofed content in those caches.

* Note: This check requires an account with Guest or higher privileges that can access the registry of the remote host being scanned. If these conditions are not met, the check is not performed, resulting in a false negative for all vulnerable hosts.

* References:
http://www.microsoft.com/technet/security/bulletin/ms05-029.mspx
http://secunia.com/advisories/15697
http://www.idefense.com/application/poi/display?id=261&type=vulnerabilities
http://www.kb.cert.org/vuls/id/300373

* Platforms Affected:
Microsoft Exchange 5.5 SP4
Microsoft IIS 5.0
Microsoft Internet Explorer 6.0 SP1
Microsoft Windows 2000 SP3 and later
Recommendation Apply the appropriate patch (KB895179) for your system, as listed in Microsoft Security Bulletin MS05-029 at http://www.microsoft.com/technet/security/bulletin/ms05-029.mspx

-- OR --

Patches for Windows platforms are also available from the Microsoft Windows Update Web site, http://windowsupdate.microsoft.com. Windows Update detects what version of Windows you are running and offers the appropriate patch.
Related URL CVE-2005-0563 (CVE)
Related URL 13952 (SecurityFocus)
Related URL 20967 (ISS)