MS16-108: Security Update for Microsoft Exchange Server (3185883)

This script is Copyright (C) 2016-2017 Tenable Network Security, Inc.


Synopsis :

The remote Microsoft Exchange Server is affected by multiple
vulnerabilities.

Description :

The remote Microsoft Exchange Server is missing a security update. It
is, therefore, affected by multiple vulnerabilities :

- Multiple remote code execution vulnerabilities exist in
the Oracle Outside In libraries. An unauthenticated,
remote attacker can exploit these, via a specially
crafted email, to execute arbitrary code.
(CVE-2015-6014, CVE-2016-3575, CVE-2016-3581,
CVE-2016-3582, CVE-2016-3583, CVE-2016-3591,
CVE-2016-3592, CVE-2016-3593, CVE-2016-3594,
CVE-2016-3595, CVE-2016-3596)

- An unspecified information disclosure vulnerability
exists in the Oracle Outside In libraries that allows an
attacker to disclose sensitive information.
(CVE-2016-3574)

- Multiple denial of service vulnerabilities exist in the
Oracle Outside In libraries. (CVE-2016-3576,
CVE-2016-3577, CVE-2016-3578, CVE-2016-3579,
CVE-2016-3580, CVE-2016-3590)

- An information disclosure vulnerability exists due to
improper parsing of certain unstructured file formats.
An unauthenticated, remote attacker can exploit this,
via a crafted email using 'send as' rights, to disclose
confidential user information. (CVE-2016-0138)

- An open redirect vulnerability exists due to improper
handling of open redirect requests. An unauthenticated,
remote attacker can exploit this, by convincing a user
to click a specially crafted URL, to redirect the user
to a malicious website that spoofs a legitimate one.
(CVE-2016-3378)

- An elevation of privilege vulnerability exists due to
improper handling of meeting invitation requests. An
unauthenticated, remote attacker can exploit this, via a
specially crafted Outlook meeting invitation request,
to gain elevated privileges. (CVE-2016-3379)

See also :

https://technet.microsoft.com/library/security/MS16-108

Solution :

Microsoft has released a set of patches for Exchange Server 2007,
2010, 2013, and 2016.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 6.9
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false