| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <B3474FD71F67D4118C5800508B693A20027CB804@it-exch.instill.com> Date: Fri, 23 May 2003 10:17:54 -0700 From: Chris Robertson <Chris.Robertson@...till.com> To: "'bugtraq@...urityfocus.com'" <bugtraq@...urityfocus.com> Subject: RE: Outlook Web Access authentication bypass Please disregard this. A configuration change had been unknowingly made on the Exchange server (making the test account an Exchange Admin). I sincerly apologize for any confusion this may have caused. Chris Robertson -----Original Message----- From: Chris Robertson [mailto:Chris.Robertson@...till.com] Sent: Friday, May 23, 2003 1:03 AM To: 'bugtraq@...urityfocus.com' Subject: Outlook Web Access authentication bypass This exploit exhibits the same symptoms as CAN-2002-0507 however I have found it is possible on an Exchange 5.5 (patches current to within ~3 months) single system Outlook Web Access install (IIS and Exchange on the same server) to access any mailbox once the client has been successfully authenticated in Netscape 7.0 on Windows 2k and Redhat 7.2, Mozilla 1.0.1, Galeon 1.2.5, and Konqueror 3.0.3-13 on Redhat 8.0. Additionally under IE 5.50.4807.2300 it is possible to get the same behavior by canceling an attempted login to a non-authorized mailbox and editing the url from ..."isnewwindow=0"... to ..."isnewwindow=1"... Does anyone have anymore info on this? Thanks, Chris Robertson Security Engineer Instill Corp.
Powered by blists - more mailing lists