Summary
Microsoft Exchange Public Folders can be set to allow anonymous connections (set by default). If this is not changed it is possible for
an attacker to gain critical information about the users (such as full email address, phone number, etc) that are present in the Exchange Server.
Additional information:
http://www.securiteam.com/windowsntfocus/5WP091P5FQ.html
Severity
Classification
-
CVE CVE-2001-0660 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:P/I:N/A:N
Related Vulnerabilities
- Apple Safari Webkit Multiple Vulnerabilities - June13 (Mac OS X)
- Active Perl CGI.pm 'Set-Cookie' and 'P3P' HTTP Header Injection Vulnerability (Win)
- Apple Safari Multiple Memory Corruption Vulnerabilities-02 Apr14 (Mac OS X)
- Asterisk RTP Comfort Noise Processing Remote Denial of Service Vulnerability
- Apple Safari 'Webkit' Multiple Vulnerabilities -01 Feb15 (Mac OS X)