Detections
Analytics
MS13-105: Vulnerabilities in Microsoft Exchange Server Could Allow Remote Code Execution (2915705)
critical Nessus Plugin ID 71320
Language:
Synopsis
The remote mail server has multiple vulnerabilities.Description
The version of Microsoft Exchange installed on the host is affected by the following vulnerabilities :- A code execution vulnerability exists that could allow an attacker to execute arbitrary code in the context of the OWA service account. (CVE-2013-1330)
- A cross-site scripting vulnerability exists in OWA in which an attacker could elevate their privileges and run a script in the context of the current user.
(CVE-2013-5072)
- Two code execution vulnerabilities exist in the WebReady Document Viewing feature of Outlook Web Access. Code execution is limited to the LocalService account. In addition, a denial of service vulnerability exists in the DLP feature of Exchange 2013. (CVE-2013-5763, CVE-2013-5791)
Solution
Microsoft has released a set of patches for Exchange 2007 SP3, 2010 SP2 and SP3, 2013 CU2 and CU3.See Also
https://docs.microsoft.com/en-us/security-updates/SecurityBulletins/2013/ms13-105
Plugin Details
Severity: Critical
ID: 71320
File Name: smb_nt_ms13-105.nasl
Version: 1.15
Type: local
Agent: windows
Family: Windows : Microsoft Bulletins
Published: 12/11/2013
Updated: 1/10/2019
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 5.9
CVSS v2
Risk Factor: Critical
Base Score: 10
Temporal Score: 8.3
Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C
Vulnerability Information
CPE: cpe:/a:microsoft:exchange_server
Required KB Items: SMB/MS_Bulletin_Checks/Possible
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 12/10/2013
Vulnerability Publication Date: 9/10/2013
Exploitable With
Core Impact
Reference Information
CVE: CVE-2013-1330, CVE-2013-5072, CVE-2013-5763, CVE-2013-5791