OWA Exploit

I am not aware of a fix.

The issue only arises if an attacker sends a link to a user, the user uses the link to visit the arbitrary page, and then enters their credentials. If the user never receives the link, or the user isn't ignorant enough to use the page that comes up, then there is no problem. Basically there is a redirect issue with OWA, but there is no vulnerability beyond that - the rest relies on phishing/social engineering...

Cheers
Ken

"Rex Young" <RexYo***@discussions.microsoft.com> wrote in message news:423F4ED9-62BF-4CB6-83A5-6C56CD9FAB70@microsoft.com...
: http://www.securiteam.com/windowsntfocus/5EP0E20F6C.html
:
: Anyone have a fix for this?


Not to mention, the user must LOGIN to the OWA server before the redirect takes place. This vulnerability should be added to the Hall of Cheese.

Chris

"Rex Young" <RexYo***@discussions.microsoft.com> wrote in message news:423F4ED9-62BF-4CB6-83A5-6C56CD9FAB70@microsoft.com...
> http://www.securiteam.com/windowsntfocus/5EP0E20F6C.html
>
> Anyone have a fix for this?


As I understand it, the user doesn't log into OWA.

The user could be tricked into clicking on such a link (believing that it points to their legitimate OWA website). The redirect issue causes an arbitrary page to be displayed to the user. Then the usual social engineer/phishing comes in. If the attacker can make the login page look like a legitimate OWA login page, the user may be fooled into submitting their Windows credentials to the fake site, giving the attacker those credentials.

Cheers
Ken

"Chris Weber [Security MVP]" <ch***@dev.nul> wrote in message news:OxTwWaBMFHA.3500@TK2MSFTNGP14.phx.gbl...
: Not to mention, the user must LOGIN to the OWA server before the redirect
: takes place. This vulnerability should be added to the Hall of Cheese.
: Chris
:
:
:
: "Rex Young" <RexYo***@discussions.microsoft.com> wrote in message
: news:423F4ED9-62BF-4CB6-83A5-6C56CD9FAB70@microsoft.com...
: > http://www.securiteam.com/windowsntfocus/5EP0E20F6C.html
: >
: > Anyone have a fix for this?
:
:


I'm pretty sure that's not the case. Try it yourself and see. The ASP page which performs the redirect is not even accessible until you have logged in.

/Chris

"Ken Schaefer" <kenREM***@THISadOpenStatic.com> wrote in message news:OxtSv0BMFHA.1096@tk2msftngp13.phx.gbl...
> As I understand it, the user doesn't log into OWA.
>
> The user could be tricked into clicking on such a link (believing that it
> points to their legitimate OWA website). The redirect issue causes an
> arbitrary page to be displayed to the user. Then the usual social
> engineer/phishing comes in. If the attacker can make the login page look
> like a legitimate OWA login page, the user may be fooled into submitting
> their Windows credentials to the fake site, giving the attacker those
> credentials.
>
> Cheers
> Ken
>
>
> "Chris Weber [Security MVP]" <ch***@dev.nul> wrote in message
> news:OxTwWaBMFHA.3500@TK2MSFTNGP14.phx.gbl...
> : Not to mention, the user must LOGIN to the OWA server before the redirect
> : takes place. This vulnerability should be added to the Hall of Cheese.
> : Chris
> :
> :
> :
> : "Rex Young" <RexYo***@discussions.microsoft.com> wrote in message
> : news:423F4ED9-62BF-4CB6-83A5-6C56CD9FAB70@microsoft.com...
> : > http://www.securiteam.com/windowsntfocus/5EP0E20F6C.html
> : >
> : > Anyone have a fix for this?
> :
> :
>
>
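The redirect issue the thread argues about is an open redirect: a page forwards the browser to whatever destination a request parameter names, which is what makes the phishing step possible. As an added example that is not from the thread or from OWA, this is the kind of server-side check a redirect parameter should pass before it is honoured; the trusted host name and the default landing path are assumed values.

```python
from urllib.parse import urlsplit

# Hosts a post-login redirect is allowed to land on (constructed example value).
TRUSTED_HOSTS = {"owa.example.com"}


def normalise(target: str) -> str:
    """Canonicalise a redirect target the way a browser would before parsing it.

    Browsers treat backslashes as slashes and ignore tabs, newlines and outer
    whitespace; urlsplit does not, so fold those differences first, otherwise
    the check and the browser disagree about where the URL points.
    """
    target = target.strip()
    target = "".join(ch for ch in target if ch not in "\t\r\n")
    return target.replace("\\", "/")


def is_safe_redirect(target: str, trusted_hosts=TRUSTED_HOSTS) -> bool:
    """Return True only if the target stays on a trusted host.

    Accepts site-relative paths (/exchange/...) and absolute http(s) URLs whose
    host is in trusted_hosts. Rejects protocol-relative URLs (//host/...),
    userinfo tricks (trusted@evil), non-http schemes and bare hostnames.
    """
    target = normalise(target)
    if not target:
        return False
    parts = urlsplit(target)
    if parts.scheme:
        if parts.scheme not in ("http", "https"):
            return False
        # .hostname drops userinfo and port, so "trusted@evil" resolves to "evil"
        return (parts.hostname or "").lower() in trusted_hosts
    if parts.netloc:
        # scheme-less but with an authority component, e.g. //evil.example/owa
        return False
    # A bare path must be site-relative; "evil.example/owa" is not a path we trust.
    return target.startswith("/")


def safe_or_default(target: str, default: str = "/exchange/") -> str:
    """Destination to send the user to after login: the target only if it is safe."""
    return target if is_safe_redirect(target) else default
```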