lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <3F8E8D4A.70402@sanctuminc.com>
Date: Thu, 16 Oct 2003 14:21:30 +0200
From: Ory Segal <ory.segal@...ctuminc.com>
To: BUGTRAQ@...URITYFOCUS.COM, webappsec@...urityfocus.com,
	news@...uriteam.com
Subject: Vulnerability in Exchange Server 5.5 Outlook Web Access Could Allow
 Cross-Site Scripting Attack (Microsoft Security Bulletin MS03-047)



 From Microsoft Security Bulletin MS03-047:

A cross-site scripting (XSS) vulnerability results due to the way that 
Outlook Web Access (OWA) performs HTML encoding in the Compose New 
Message form.

An attacker could seek to exploit this vulnerability by having a user 
run script on the attacker's behalf. The script would execute in the 
security context of the user. If the script executes in the security 
context of the user, the attacker's code could then execute by using the 
security settings of the OWA Web site (or of a Web site that is hosted 
on the same server as the OWA Web site) and could enable the attacker to 
access any data belonging to the site where the user has access.
 
To exploit this vulnerability through OWA, an attacker would have to 
send an e-mail message that has a specially-formed link to the user. The 
user would then have to click the link. To exploit this vulnerability in 
another way, an attacker would have to know the name of the user's 
Exchange server and then entice the user to open a specially-formed link 
from another source while the user is logged on to OWA.

The full security bulletin can be found at:
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS03-047.asp





Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ