Definition Id: oval:org.mitre.oval:def:477
Oval ID: oval:org.mitre.oval:def:477
Title: MS Exchange / OWA NTLM Authentication Vulnerability
Description: Microsoft Exchange 2003 and Outlook Web Access (OWA), when configured to use NTLM authentication, does not properly reuse HTTP connections, which can cause OWA users to view mailboxes of other users when Kerberos has been disabled as an authentication method for IIS 6.0, e.g. when SharePoint Services 2.0 is installed.
Family: windows Class: vulnerability
Reference(s): CVE-2003-0904
Version: 1
Platform(s): Microsoft Windows 2000
Microsoft Windows Server 2003
Product(s): Microsoft Exchange Server
Definition Synopsis: