8 matches found
Unspecified Vulnerability in Zimbra zm-mailbox
Zimbra zm-mailbox is a mailbox management tool from the American company Zimbra. A security vulnerability in the cs/service/account/AutoCompleteGal.java file in versions of Zimbra zm-mailbox prior to 8.8.15.p8 can be exploited by an attacker to request an arbitrary GAL account...
Microsoft Exchange Service Abuse: Ruler
Microsoft Exchange Service Abuse Ruler is a tool that allows you to interact with Exchange servers through the MAPI/HTTP protocol. The main aim is abuse the client-side Outlook mail rules. “ Silentbreak did a great job with this attack and it has served us well. The only downside has been that it...
CVE-2001-0660
Outlook Web Access OWA in Microsoft Exchange 5.5, SP4 and earlier, allows remote attackers to identify valid user email addresses by directly accessing a back-end function that processes the global address list GAL...
CVE-2001-0660
CVE-2001-0660 affects Outlook Web Access (OWA) in Microsoft Exchange 5.5, SP4 and earlier. The back-end function that processes the Global Address List (GAL) can be accessed without authentication, allowing remote attackers to identify valid user email addresses stored in the GAL. Connected sourc...
CVE-2001-0660
Outlook Web Access OWA in Microsoft Exchange 5.5, SP4 and earlier, allows remote attackers to identify valid user email addresses by directly accessing a back-end function that processes the global address list GAL...
Microsoft Exchange Outlook Web Access fails to authenticate users when searching the Global Address List
Overview Microsoft Exchange servers that offer the Outlook Web Access service are vulnerable to an information disclosure vulnerability that can reveal any email address stored in the Global Address List. Description The Outlook Web Access OWA component of Microsoft Exchange allows users to acces...
Доступ к глобальному списку адресов в Exchange 5.5 (unauthorized access)
Пожно получить доступ к глобальной адресной книге без авторизации через OWA...
Security Bulletin MS01-047
---------------------------------------------------------------------- Title: OWA Function Allows Unauthenticated User to Enumerate Global Address List Date: 06 September 2001 Software: Exchange 5.5 Impact: Information Disclosure Bulletin: MS01-047 Microsoft encourages customers to review the...