Outlook Web Access (OWA) suffers from a vulnerability that allows direct access to files blocked by policy
2010-02-06 17:30
This trick is mostly useful, but it can also be put to bad use. Since it is so simple, it is probably already known to some people. If someone sends you a file through OWA and the attachment is blocked by policy, the file is still reachable by addressing it directly through the mailbox's URL namespace (the Exchange 2003 HTTP/WebDAV namespace under the OWA virtual directory): the block is applied when OWA renders the message, not when the attachment itself is requested. This is what you can do:

1. Install Firefox.
2. Access your email and the attachment with a URL of the following form:

   http://<hostname>/<OWA directory>/<mail box username>/Inbox/<email subject>.EML/<attachment filename>

   E.g.:

   http://webmail.example.com/Exchange/myusername/Inbox/virus.EML/virus.zip

The best way is to try the URLs in the following order, confirming that each level resolves before going one level deeper:

1. http://<hostname>/<OWA directory>/<mail box username>/Inbox - you see all your emails
2. http://<hostname>/<OWA directory>/<mail box username>/Inbox/<email subject>.EML - you see only the email that carries the blocked files
3. http://<hostname>/<OWA directory>/<mail box username>/Inbox/<email subject>.EML/<attachment filename> - you download the file

The actual address can differ for a couple of reasons: the OWA virtual directory name and the mailbox name are deployment-specific, and the item name derived from the subject must be URL-encoded (a subject containing spaces or other reserved characters will not match what you type by hand). Check the attachment URL that OWA itself shows for the message and use it in the form shown above.

This can also be exploited by an attacker: a malicious email can carry a link in its body that points directly at the blocked attachment, so a recipient who clicks the link downloads the malware even though OWA refuses to show the attachment.

Server environment: Exchange / OWA 2003 6.5.76*
Client environment: Firefox 3.0.15

Ricardo Martins
CISA, ISO 27001/20000 LA
Compliance & Consulting Manager
Chief Security Officers, SA.
www.cso.pt
info@cso.pt
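The procedure above, as an added worked example written for this page (it is not part of Ricardo Martins' post): a small Python script that builds the three URLs in the order the post recommends, percent-encoding the subject and filename since that is one reason the real address differs from what is typed by hand, and a detection routine that scans IIS W3C log lines for direct GETs of attachments with extensions an administrator has blocked, which is what a defender running this OWA version would want to hunt for. The hostname webmail.example.com, the mailbox names, the blocked-extension list and the log lines are all constructed for the example and do not come from the page.

```python
"""
Added example, not code from the original advisory.

Two things are demonstrated:
  1. owa_item_urls(): the Inbox / message / attachment URL ladder the post
     tells the reader to try, with proper percent-encoding.
  2. find_direct_attachment_fetches(): scan IIS W3C log lines for direct
     fetches of /<owa dir>/<mailbox>/<folder>/<item>.EML/<attachment>
     whose attachment extension is on a blocked list.

All hostnames, mailbox names, extensions and log lines are constructed.
"""
import re
from urllib.parse import quote, unquote


def owa_item_urls(hostname, owa_dir, mailbox, subject, attachment, scheme="http"):
    """Return (inbox_url, message_url, attachment_url).

    The item name is the subject plus '.EML'. Spaces and other reserved
    characters in the subject, mailbox and filename are percent-encoded;
    safe='' also encodes '/' so a subject cannot add path segments.
    """
    inbox = f"{scheme}://{hostname}/{quote(owa_dir, safe='')}/{quote(mailbox, safe='')}/Inbox"
    message = f"{inbox}/{quote(subject + '.EML', safe='')}"
    return inbox, message, f"{message}/{quote(attachment, safe='')}"


# Constructed example policy: the extensions the administrator has blocked.
BLOCKED_EXTENSIONS = {".exe", ".zip", ".vbs", ".scr"}

# Path shape of a direct attachment fetch. The folder segment is left free
# because the Inbox name can be localized.
DIRECT_ATTACHMENT = re.compile(
    r"^/(?P<owadir>[^/]+)/(?P<mailbox>[^/]+)/(?P<folder>[^/]+)"
    r"/(?P<item>[^/]+\.eml)/(?P<attachment>[^/]+)$",
    re.IGNORECASE,
)


def parse_w3c(lines):
    """Yield one dict per log record, keyed by the '#Fields:' directive."""
    fields = None
    for line in lines:
        line = line.strip()
        if not line:
            continue
        if line.startswith("#Fields:"):
            fields = line.split()[1:]
            continue
        if line.startswith("#") or fields is None:
            continue
        values = line.split(" ")
        if len(values) != len(fields):
            continue  # malformed record; skip rather than misalign columns
        yield dict(zip(fields, values))


def find_direct_attachment_fetches(lines, owa_dir="Exchange", blocked=BLOCKED_EXTENSIONS):
    """Return records for GETs of blocked attachment types, whatever the status.

    A 404 is still an attempt worth seeing, so status is reported, not filtered.
    """
    hits = []
    for rec in parse_w3c(lines):
        if rec.get("cs-method") != "GET":
            continue
        # W3C fields never contain raw spaces; decode defensively anyway.
        m = DIRECT_ATTACHMENT.match(unquote(rec.get("cs-uri-stem", "")))
        if not m or m.group("owadir").lower() != owa_dir.lower():
            continue
        name = m.group("attachment")
        ext = name[name.rfind("."):].lower() if "." in name else ""
        if ext in blocked:
            hits.append({
                "time": f"{rec.get('date', '-')} {rec.get('time', '-')}",
                "mailbox": m.group("mailbox"),
                "item": m.group("item"),
                "attachment": name,
                "status": rec.get("sc-status", "-"),
                "user": rec.get("cs-username", "-"),
                "client": rec.get("c-ip", "-"),
            })
    return hits


# Constructed IIS 6 W3C log excerpt (a subset of the default field set).
SAMPLE_IIS_LOG = r"""
#Software: Microsoft Internet Information Services 6.0
#Fields: date time cs-method cs-uri-stem cs-uri-query cs-username c-ip sc-status
2010-02-06 17:30:01 GET /exchange/myusername/Inbox - EXAMPLE\myusername 10.0.0.5 200
2010-02-06 17:30:09 GET /exchange/myusername/Inbox/virus.EML - EXAMPLE\myusername 10.0.0.5 200
2010-02-06 17:30:15 GET /exchange/myusername/Inbox/virus.EML/virus.zip - EXAMPLE\myusername 10.0.0.5 200
2010-02-06 17:31:02 GET /exchange/myusername/Inbox/Quarterly%20report.EML/report.pdf - EXAMPLE\myusername 10.0.0.5 200
2010-02-06 17:32:40 GET /exchange/bob/Inbox/invoice.EML/invoice.exe - EXAMPLE\bob 10.0.0.9 404
"""


if __name__ == "__main__":
    for url in owa_item_urls("webmail.example.com", "Exchange", "myusername", "virus", "virus.zip"):
        print(url)
    for hit in find_direct_attachment_fetches(SAMPLE_IIS_LOG.splitlines()):
        print(hit)
```

The detector keys on the URL shape rather than on the attachment-blocking configuration, because the whole point of the advisory is that the block is not consulted on this path; correlate the hits with the mailbox owner and the client address, and treat a direct .EML/<attachment> GET from an address that has not just rendered the message as a link-click from a malicious email.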