2 matches found
MS04-002: Exchange Privilege Escalation (832759)
The remote host is running an unpatched version of Microsoft Exchange that could allow an attacker with a valid Exchange account to access another user's mailbox using Outlook for Web Access C Tenable Network Security, Inc. include"compat.inc"; if description scriptid11989; scriptversion"1.39";...
CVE-2003-0904
Summary: CVE-2003-0904 affects Microsoft Exchange Server 2003 with Outlook Web Access (OWA) when NTLM is used. A flaw in HTTP connection reuse between front-end and back-end servers (NTLM-authenticated OWA) can cause a user to be connected to another user’s mailbox if Kerberos is disabled or fall...