This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Microsoft First view 2004-01-20
Product Windows Server 2003 Last view 2004-01-20
Version * Type Os
Update *  
Edition *  
Language *  
Sofware Edition enterprise  
Target Software *  
Target Hardware x64  
Other *  
 
CPE Product cpe:2.3:o:microsoft:windows_server_2003

Activity : Overall

Related : CVE

  Date Alert Description
6 2004-01-20 CVE-2003-0904

Microsoft Exchange 2003 and Outlook Web Access (OWA), when configured to use NTLM authentication, does not properly reuse HTTP connections, which can cause OWA users to view mailboxes of other users when Kerberos has been disabled as an authentication method for IIS 6.0, e.g. when SharePoint Services 2.0 is installed.

CWE : Common Weakness Enumeration

%idName
100% (1) CWE-200 Information Exposure

Open Source Vulnerability Database (OSVDB)

id Description
3490 Microsoft Exchange 2003 OWA Mailbox Access Information Disclosure

Nessus® Vulnerability Scanner

id Description
2004-01-13 Name: It is possible to access other users mailboxes.
File: smb_nt_ms04-002.nasl - Type: ACT_GATHER_INFO