Introduction
The version of Outlook Web Access contains a URL redirection vulnerability. However, this would require user interaction to be abused, such as an embedded URL within an email that is clicked on.
Method
It is possible to provide an arbitrary "url" value:
http://mail.[victim].com/exchweb/bin/auth/owalogon.asp?url=http://[attacker]/Exchange&reason=0
Recommendation
Informational only. Microsoft expects this to be resolved in Exchange 2007.
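The underlying defect in the finding above is a logon page that forwards the browser to whatever the "url" parameter says. The following Python is an added example (not code from the original page or from Microsoft) showing that pattern next to a hardened redirect validator of the kind an application owner would put in front of such a parameter. The allowed host list, the default target and the test values are constructed for this example; the checks cover the usual bypass shapes (absolute URL to another host, scheme-relative "//host", userinfo tricks like "https://good@evil", backslash variants and non-http schemes).

```python
from urllib.parse import urlsplit

# Hosts the logon page may legitimately forward to (constructed for this example).
ALLOWED_HOSTS = {"mail.example.com"}
# Where to send the user when the supplied target is rejected.
DEFAULT_TARGET = "/exchange/"


def vulnerable_redirect_target(url_param: str) -> str:
    """The pattern behind the finding: the 'url' value is used as-is."""
    return url_param or DEFAULT_TARGET


def is_safe_redirect(url_param: str, allowed_hosts=ALLOWED_HOSTS) -> bool:
    """Accept only absolute-path URLs on this site or http(s) URLs to an allowed host."""
    if not url_param:
        return False
    # Whitespace and control characters have no place in a redirect target and
    # are a common way to smuggle a different URL past naive parsers.
    if any(ch.isspace() or ord(ch) < 0x20 for ch in url_param):
        return False
    # Browsers treat a backslash like a forward slash when parsing the
    # authority, so normalise before inspecting ("/\evil.example" == "//evil.example").
    candidate = url_param.replace("\\", "/")
    parts = urlsplit(candidate)
    if parts.scheme == "" and parts.netloc == "":
        # Purely relative target: require an absolute path on this origin.
        return candidate.startswith("/")
    # Scheme-relative ("//host") URLs have an empty scheme and fail here,
    # as do javascript:, data: and similar.
    if parts.scheme.lower() not in ("http", "https"):
        return False
    # urlsplit().hostname strips userinfo and port, so
    # "https://mail.example.com@evil.example/" yields "evil.example".
    host = (parts.hostname or "").lower()
    return host in allowed_hosts


def safe_redirect_target(url_param: str) -> str:
    """Hardened replacement: fall back to a fixed local target on anything suspicious."""
    return url_param if is_safe_redirect(url_param) else DEFAULT_TARGET


if __name__ == "__main__":
    for value in ["/exchange/", "https://mail.example.com/Exchange",
                  "http://attacker.example/Exchange", "//attacker.example/",
                  "https://mail.example.com@attacker.example/", "/\\attacker.example"]:
        print(f"{value!r:50} vulnerable -> {vulnerable_redirect_target(value)!r:45} "
              f"hardened -> {safe_redirect_target(value)!r}")
```

An allow list of hosts is deliberately used rather than a deny list or a "starts with our domain" string test, because the latter is defeated by hosts such as mail.example.com.attacker.example.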
Introduction
The portal requires users to submit a username and password to authenticate. This communication is not encrypted.
Method
Check the HTML source code of the form page and examine whether the FORM ACTION is a GET/POST to an HTTPS:// URI.
Recommendation
1) Enable SSL and disable HTTP for the portal.
2) Use two-factor tokens (one-time password) for strong authentication.
3) Modify the HTML source to ensure the data is POST'ed to a HTTPS URL.

1. In Microsoft Windows, open Administrative Tools, and then click Internet Information Services (IIS) Manager. IIS Manager appears.
2. Under Internet Information Services, expand Servername (local computer), expand Web Sites, right-click either Websitename or Default Website, and then click Properties. The Web Site Properties dialog box appears.
3. Click the Home Directory tab, and then click Configuration. The Application Configuration Settings dialog box appears.
4. Click the Debugging tab.
5. Change the radio button from "Send detailed ASP error messages to client" to "Send the following text error messages" and specify an error.
Introduction
The FTP service reveals the operating system type via the 'SYST' command. This is historically used to determine how to handle file types, as many OSes format data differently.
Method
    # telnet ftp.microsoft.com 21
    Trying 64.4.30.33...
    Connected to ftp.microsoft.com.
    Escape character is '^]'.
    220 Microsoft FTP Service
    USER anonymous
    331 Anonymous access allowed, send identity (e-mail name) as password.
    PASS [email protected]
    230-Welcome to FTP.MICROSOFT.COM. Also visit http://www.microsoft.com/downloads.
    230 User logged in.
    SYST
    215 Windows_NT
    QUIT
    221 Thank you for using Microsoft products.
    Connection closed by foreign host.
Recommendation
Informational.
Archives
September 2017