Detections
Analytics

MS14-075: Vulnerabilities in Microsoft Exchange Server Could Allow Elevation of Privilege (3009712)

medium Nessus Plugin ID 79827

Language:

Synopsis

The remote mail server is affected by multiple vulnerabilities.

Description

The version of Microsoft Exchange installed on the remote host is affected by multiple vulnerabilities :

 - A token spoofing vulnerability exists due to Microsoft Outlook Web App (OWA) not properly validating request tokens. A remote attacker can exploit this vulnerability by convincing a user to visit a website with specially crafted content, allowing the attacker to send email that appears to come from a user other than the attacker. (CVE-2014-6319)

 - Multiple cross-site scripting vulnerabilities exist due to Microsoft Exchange not properly validating input. A remote attacker can exploit these vulnerabilities by convincing a user to click a specially crafted URL to the targeted Outlook Web App site. (CVE-2014-6325, CVE-2014-6326).

 - A spoofing vulnerability exists due to Microsoft Outlook Web App (OWA) not properly validating redirection tokens. An attacker can exploit this vulnerability to redirect a user to an arbitrary domain from a link that appears to originate from the user's domain. An attacker can also exploit this vulnerability to send email that appears to come from a user other than the attacker. (CVE-2014-6336).

Solution

Microsoft has released a set of patches for Exchange 2007 SP3, 2010 SP3, and 2013 SP1 / CU6.

See Also

https://docs.microsoft.com/en-us/security-updates/SecurityBulletins/2014/ms14-075

Plugin Details

Severity: Medium

ID: 79827

File Name: smb_nt_ms14-075.nasl

Version: 1.10

Type: local

Agent: windows

Published: 12/9/2014

Updated: 11/25/2019

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.0

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N

CVSS Score Source: CVE-2014-6319

Vulnerability Information

CPE: cpe:/a:microsoft:exchange_server

Required KB Items: SMB/MS_Bulletin_Checks/Possible

Exploit Ease: No known exploits are available

Patch Publication Date: 12/9/2014

Vulnerability Publication Date: 12/9/2014

Reference Information

CVE: CVE-2014-6319, CVE-2014-6325, CVE-2014-6326, CVE-2014-6336

BID: 71437, 71440, 71441, 71442

MSFT: MS14-075

MSKB: 2986475, 2996150, 3011140