[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-disclosure] Microsoft Outlook Web Access

To: full-disclosure@xxxxxxxxxxxxxxxxx
Subject: [Full-disclosure] Microsoft Outlook Web Access
From: Petko Petkov <ppetkov@xxxxxxxxxxxxxx>
Date: Thu, 13 Oct 2005 10:22:09 +0100

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
 
Hello there,
I've been messing around with Microsoft Outlook Web Access (SP1)
trying to test and see what I can do. I found several vulnerabilities
on google/securityfocus related to this particular version but non of
them seem to work. I went to Microsoft website and I can't see any
patches available. Well, there is one fix that I really don't know
what is for.

Does any one know if BID:12459 and BID:9409 had been fixed?
If not, is there a way to prevent those attacks from happening?

Thanks
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (MingW32)
 
iD8DBQFDTic+Ff/6vxAyUpgRAgWgAJ9d+hpQ650dOfoZiQljAFtfeZJJ5QCgv6bO
mCC1wAHPw4vcA1bKPe45KJY=
=+TZH
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Follow-Ups:
- RE: [Full-disclosure] Microsoft Outlook Web Access
  - From: Vernocchi, Pablo

Prev by Date: Re: [Full-disclosure] Microsoft EFS
Next by Date: [Full-disclosure] [SECURITY] [DSA 865-1] New hylafax packages fix insecure temporary files
Previous by thread: [Full-disclosure] [SECURITY] [DSA 864-1] New Ruby 1.8 packages fix safety bypass
Next by thread: RE: [Full-disclosure] Microsoft Outlook Web Access
Index(es):
- Date
- Thread