|
Vulnerability Assessment & Network Security Forums |
|||||||||
If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important. If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery. Home >> Browse Vulnerability Assessment Database >> Windows : Microsoft Bulletins >> Vulnerability in Exchange Server 5.5 Outlook Web Access XSS (895179) Vulnerability Assessment Details
|
Vulnerability in Exchange Server 5.5 Outlook Web Access XSS (895179) |
||
Checks for ms05-029 via the registry Detailed Explanation for this Vulnerability Assessment Summary : The remote Web Server contains a script which is vulnerable to cross site scripting attacks. Description : The remote host is running a version of the Outlook Web Access which contains cross site scripting flaws. This vulnerability could permit a possible hacker to convince a user to run a malicious script. If this malicious script is run, it would execute in the security context of the user. Attempts to exploit this vulnerability require user interaction. This vulnerability could permit a possible hacker access to any data on the Outlook Web Access server that was accessible to the individual user. It may also be possible to exploit the vulnerability to manipulate Web browser caches and intermediate proxy server caches, and put spoofed content in those caches. Solution : Microsoft has released a patch for OWA for Exchange 5.5 : http://www.microsoft.com/technet/security/bulletin/ms05-029.mspx Network Security Threat Level: Low / CVSS Base Score : 3 (AV:R/AC:H/Au:NR/C:P/A:N/I:N/B:C) Networks Security ID: 13952 Vulnerability Assessment Copyright: This script is Copyright (C) 2005 Tenable Network Security |
||
Cables, Connectors |
Cisco WAP371 IEEE 802.11ac 1.27 Gbit/s Wireless Access Point
$80.00
GENUINE CISCO QSFP-40/100-SRBD 100G QSFP Transceiver
$129.99
Cisco SG110 24 Port Gigabit Ethernet Switch w/ 2 x SFP SG110-24
$117.00
GENUINE CISCO DS-SFP-FC32G-SW SFP NEW SEALED SEE PHOTOS SHIPS FREE
$74.99
Cisco WS-C3850-48P-L 48-Port Gigabit 3850 PoE Switch w/ 715W+ C3850-NM-4-1G Mod
$79.00
Cisco Nexus N3K-C3048TP-1GE 48 Port Switch w/ Dual Power - Same Day Shipping
$85.99
Genuine Cisco SFP-10G-SR V03 10GBASE-SR SFP+ Transceiver Module 10-2415-03
$8.00
Cisco WS-C3750X-48T-S 48 Port 3750X Gigabit Switch - Same Day Shipping
$49.95
Cisco C9300-48U-A 48-Port Gig UPoE Network Advantage Switch -Same Day Shipping
$859.95
Cisco Nexus N3K-C3172PQ-XL 48P 10GbE SFP+ 4P QSFP+ Switch N3K-C3172PQ-XL-F
$229.00
|
||
No Discussions have been posted on this vulnerability. |