Windows : Microsoft Bulletins : Microsoft Exchange Server Privilege Escalation Vulnerability (3062157)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.805198

Categoría: Windows : Microsoft Bulletins

Título: Microsoft Exchange Server Privilege Escalation Vulnerability (3062157)

Resumen: This host is missing an important security; update according to Microsoft Bulletin MS15-064.

Descripción: Summary:
This host is missing an important security
update according to Microsoft Bulletin MS15-064.

Vulnerability Insight:
Flaw is due to Microsoft Exchange web
applications when Exchange does not properly manage same-origin policy.

Vulnerability Impact:
Successful exploitation will allow remote
attackers to scan and attack systems behind a firewall that are normally
inaccessible from the outside world, enumerate and attack services that are
running on these host systems and exploit host-based authentication services.

Affected Software/OS:
Microsoft Exchange Server 2013 SP1 and Microsoft Exchange Server 2013 Cumulative Update 8.

Solution:
The vendor has released updates. Please see the references for more information.

CVSS Score:
6.8

CVSS Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2015-1764
BugTraq ID: 75007
http://www.securityfocus.com/bid/75007
Microsoft Security Bulletin: MS15-064
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-064
http://www.securitytracker.com/id/1032528
Common Vulnerability Exposure (CVE) ID: CVE-2015-1771
BugTraq ID: 75011
http://www.securityfocus.com/bid/75011
Common Vulnerability Exposure (CVE) ID: CVE-2015-2359
BugTraq ID: 75013
http://www.securityfocus.com/bid/75013

Copyright Copyright (C) 2015 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.805198
Categoría:	Windows : Microsoft Bulletins
Título:	Microsoft Exchange Server Privilege Escalation Vulnerability (3062157)
Resumen:	This host is missing an important security; update according to Microsoft Bulletin MS15-064.
Descripción:	Summary: This host is missing an important security update according to Microsoft Bulletin MS15-064. Vulnerability Insight: Flaw is due to Microsoft Exchange web applications when Exchange does not properly manage same-origin policy. Vulnerability Impact: Successful exploitation will allow remote attackers to scan and attack systems behind a firewall that are normally inaccessible from the outside world, enumerate and attack services that are running on these host systems and exploit host-based authentication services. Affected Software/OS: Microsoft Exchange Server 2013 SP1 and Microsoft Exchange Server 2013 Cumulative Update 8. Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2015-1764 BugTraq ID: 75007 http://www.securityfocus.com/bid/75007 Microsoft Security Bulletin: MS15-064 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-064 http://www.securitytracker.com/id/1032528 Common Vulnerability Exposure (CVE) ID: CVE-2015-1771 BugTraq ID: 75011 http://www.securityfocus.com/bid/75011 Common Vulnerability Exposure (CVE) ID: CVE-2015-2359 BugTraq ID: 75013 http://www.securityfocus.com/bid/75013
Copyright	Copyright (C) 2015 Greenbone AG