New Wave of Cyberattacks Targeting MS Exchange Servers

By Waqas Cybercriminals are leveraging two exploit chains ProxyNotShell/OWASSRF to target Microsoft Exchange servers, as warned by Bitdefender Labs. This is a post from HackRead.com Read the original post: New Wave of Cyberattacks Targeting MS Exchange Servers...

CVE-2022-41040 and CVE-2022-41082 – zero-days in MS Exchange

Summary At the end of September, GTSC reported an attack on critical infrastructure that took place in August. During the investigation, experts found that two 0-day vulnerabilities in Microsoft Exchange Server were used in the attack. The first one, later identified as CVE-2022-41040, is a...

New ToddyCat Hacker Group on Experts' Radar After Targeting MS Exchange Servers

An advanced persistent threat APT actor codenamed ToddyCat has been linked to a string of attacks aimed at government and military entities in Europe and Asia since at least December 2020. The relatively new adversarial collective is said to have commenced its operations by targeting Microsoft...

libspf2 buffer overflow vulnerability

libspf2 is a library that allows email systems such as Sendmail, Postfix, Exim, Zmailer, and MS Exchange to check SPF records and ensure that email is authorized from its domain. libspf2 suffers from a buffer overflow vulnerability, which stems from the fact that libspf2's SPF macro can trigger a...

Unpatched MS Exchange servers hit by cryptojacking malware

By Waqas Threat actors are looking for vulnerable, unpatched Microsoft Exchange servers and installing cryptocurrency mining malware on them. This is a post from HackRead.com Read the original post: Unpatched MS Exchange servers hit by cryptojacking malware...

OPENSUSE-SU-2021:0093-1 Security update for MozillaThunderbird

This update for MozillaThunderbird fixes the following issues: - Mozilla Thunderbird 78.6.1 changed: MailExtensions: browserAction, composeAction, and messageDisplayAction toolbar buttons now support label and defaultlabel properties bmo1583478 fixed: Running a quicksearch that returned no result...

CVE-2019-12759

Symantec Endpoint Protection Manager SEPM and Symantec Mail Security for MS Exchange SMSMSE, prior to versions 14.2 RU2 and 7.5.x respectively, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software applicati...

CVE-2019-12759

CVE-2019-12759 affects Symantec Endpoint Protection Manager (SEPM) and Symantec Mail Security for Exchange (SMSMSE) prior to SEPM 14.2 RU2 and SMSMSE 7.5.x, introducing a privilege-escalation flaw. Technical details point to the LuComServer stDisScriptEngine class as the root cause, enabling loca...

Skype for business is also vulnerable to the autodiscovery issue

An issue in WPAD proxy automatic configuration was first discovered by Maxim Andreev back in 2015 at the MailRu group security meet-up and then was presented by Maxim Goncharov at BlackHat US 2016 slides. This year Ilya Nesterov and Maxim Goncharov presented a continuation of this research and...

Tasks & Notes for MS Exchange - Customized SSL, Exported ContentProvider, Redefined SSL Common Names verifier vulnerabilities

HackApp vulnerability scanner discovered that application Tasks & Notes for MS Exchange published at the 'play' market has multiple vulnerabilities...

Computer Associates InoculateIT 4.53 MS Exchange Agent Vulnerability

No description provided by source. source : http://www.securityfocus.com/bid/1935/info InoculateIT 4.52 is a popular antivirus agent for Microsoft Exchange Servers. A vulnerability exists in the InoculateIT Agent for MS Exchange that can allow a local attacker to pass a virus through both the age...

[SECURITY] Fedora 17 Update: evolution-mapi-3.4.1-3.fc17

This package allows Evolution to interact with MS Exchange 2007 servers...

F-Secure Multiple Products Detection (Windows SMB Login)

SMB login-based detection of F-Secure Anti-Virus for MS Exchange, Workstations and Internet GateKeeper. Copyright C 2009 Greenbone Networks GmbH, http://www.greenbone.net Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

MS06-019 Exchange MODPROP Heap Overflow

This module triggers a heap overflow vulnerability in MS Exchange that occurs when multiple malformed MODPROP values occur in a VCAL request. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule...

CVE-2005-3468

CVE-2005-3468 describes a directory traversal vulnerability in F-Secure Anti-Virus for Microsoft Exchange 6.40 and Internet Gatekeeper 6.40–6.42. The flaw lets limited remote attackers bypass Web Console authentication and read files, exposing partial confidentiality. The provided documents confi...

Релеинг через MS Exchange (Mail Relaying)

Любой пользователь, способный пройти авторизацию получает доступ к SMTP-серверу...

RPC DoS против MS Exchange/SQL/Windows NT/2000

Некорректный RPCзапрос приводит к краху сервисов...