Microsoft Exchange 2003 and Outlook Web Access (OWA), when configured to use NTLM authentication, does not properly reuse HTTP connections, which can cause OWA users to view mailboxes of other users when Kerberos has been disabled as an authentication method for IIS 6.0, e.g. when SharePoint Services 2.0 is installed.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2004-01-08T05:00:00
Updated: 2024-08-08T02:05:12.815Z
Reserved: 2003-11-04T00:00:00
Link: CVE-2003-0904
Vulnrichment
No data.
NVD
Status : Modified
Published: 2004-01-20T05:00:00.000
Modified: 2024-11-20T23:45:46.093
Link: CVE-2003-0904
Redhat
No data.