|
Brought to you by:
Suppliers of:
|
|
|
| |
Microsoft Outlook Web Access is "an optional component included in Microsoft Exchange that allows users to access their mailboxes using a web frontend".
The Outlook Web Access module of Microsoft Exchange has been found to be vulnerable to a cross site scripting. |
| |
Credit:
The original article can be found at: http://www.idefense.com/application/poi/display?id=261&type=vulnerabilities
|
| |
Vulnerable Systems:
* Exchange Server version 5.5
Remote exploitation of a Cross-Site Scripting vulnerability in the Outlook Web Access (OWA) component within version 5.5 of Microsoft's Exchange Server allows an attacker to force to inject arbitrary script code into a users session, possibly stealing logon credentials.
To demonstrate the vulnerability, simply embed the following encoded text into an HTML e-mail:
< IMG SRC="javAsc
ript:alert('XSS')">
This will have the affect of popping up an alert window when the targeted user views the mail using Outlook Web Access. This proof of concept could easily be altered to cause the script to return authentication credentials to an attacker controlled server.
Successful exploitation of this vulnerability would allow an attacker to inject arbitrary script code into the Web Access session. This could allow for the theft of authentication information, which could lead to a compromised mail account. In order for exploitation to occur, the targeted user would only have to view an e-mail from an attacker. As it is trivial to spoof the source of e-mail, this vulnerability has a high potential for widespread exploitation.
Vendor Status:
The vendor security advisory and appropriate patches are available at:
http://www.microsoft.com/technet/security/Bulletin/MS05-029.mspx
CVE Information:
CAN-2005-0563
Disclosure Timeline:
* 04.08.05 - Initial vendor notification
* 04.08.05 - Initial vendor response
* 06.14.05 - Coordinated public disclosure
|
|
|
|
|
