Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 20/01/2004 Updated: 09/04/2020

CVSS v2 Base Score: 6 | Impact Score: 6.4 | Exploitability Score: 6.8

VMScore: 534

Vector: AV:N/AC:M/Au:S/C:P/I:P/A:P

Microsoft Exchange 2003 and Outlook Web Access (OWA), when configured to use NTLM authentication, does not properly reuse HTTP connections, which can cause OWA users to view mailboxes of other users when Kerberos has been disabled as an authentication method for IIS 6.0, e.g. when SharePoint Services 2.0 is installed.

Vulnerable Product	Search on Vulmon	Subscribe to Product
microsoft exchange server 2003
microsoft sharepoint services 2.0
microsoft windows server 2003
microsoft windows server 2003 -
microsoft windows server 2003 r2

CWE-200 http://www.ntbugtraq.com/default.asp?pid=36&sid=1&A2=ind0311&L=ntbugtraq&F=P&S=&P=9281 http://www.microsoft.com/exchange/support/e2k3owa.asp http://www.securityfocus.com/bid/9118 http://www.kb.cert.org/vuls/id/530660 http://secunia.com/advisories/10615 http://www.securityfocus.com/bid/9409 https://exchange.xforce.ibmcloud.com/vulnerabilities/13869 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A477 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-002 https://nvd.nist.gov https://www.kb.cert.org/vuls/id/530660

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2003-0904

Vulnerability Summary

References

Vulmon Search

About

Products

Connect