MS16-108: Security Update for Microsoft Exchange Server (3185883)

critical Nessus Plugin ID 93467

VPR Score: 5.9

Synopsis

The remote Microsoft Exchange Server is affected by multiple vulnerabilities.

Description

The remote Microsoft Exchange Server is missing a security update. It is, therefore, affected by multiple vulnerabilities:

- Multiple remote code execution vulnerabilities exist in the Oracle Outside In libraries. An unauthenticated, remote attacker can exploit these, via a specially crafted email, to execute arbitrary code. (CVE-2015-6014, CVE-2016-3575, CVE-2016-3581, CVE-2016-3582, CVE-2016-3583, CVE-2016-3591, CVE-2016-3592, CVE-2016-3593, CVE-2016-3594, CVE-2016-3595, CVE-2016-3596)

- An unspecified information disclosure vulnerability exists in the Oracle Outside In libraries that allows an attacker to disclose sensitive information. (CVE-2016-3574)

- Multiple denial of service vulnerabilities exist in the Oracle Outside In libraries. (CVE-2016-3576, CVE-2016-3577, CVE-2016-3578, CVE-2016-3579, CVE-2016-3580, CVE-2016-3590)

- An information disclosure vulnerability exists due to improper parsing of certain unstructured file formats. An unauthenticated, remote attacker can exploit this, via a crafted email using 'send as' rights, to disclose confidential user information. (CVE-2016-0138)

- An open redirect vulnerability exists due to improper handling of open redirect requests. An unauthenticated, remote attacker can exploit this, by convincing a user to click a specially crafted URL, to redirect the user to a malicious website that spoofs a legitimate one. (CVE-2016-3378)

- An elevation of privilege vulnerability exists due to improper handling of meeting invitation requests. An unauthenticated, remote attacker can exploit this, via a specially crafted Outlook meeting invitation request, to gain elevated privileges. (CVE-2016-3379)

Solution

Microsoft has released a set of patches for Exchange Server 2007, 2010, 2013, and 2016.

See Also

http://www.nessus.org/u?9e520324

Plugin Details

Severity: Critical

ID: 93467

File Name: smb_nt_ms16-108.nasl

Version: 1.12

Type: local

Agent: windows

Published: 9/13/2016

Updated: 4/20/2021

Dependencies: ms_bulletin_checks_possible.nasl, microsoft_exchange_installed.nbin

Risk Information

Risk Factor: Critical

VPR Score: 5.9

CVSS Score Source: CVE-2015-6014

CVSS v2.0

Base Score: 10

Temporal Score: 7.8

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: E:POC/RL:OF/RC:C

CVSS v3.0

Base Score: 8.8

Temporal Score: 7.9

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Temporal Vector: E:P/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:microsoft:exchange_server

Required KB Items: SMB/MS_Bulletin_Checks/Possible

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 9/13/2016

Vulnerability Publication Date: 7/19/2016

Reference Information

CVE: CVE-2015-6014, CVE-2016-0138, CVE-2016-3378, CVE-2016-3379, CVE-2016-3574, CVE-2016-3575, CVE-2016-3576, CVE-2016-3577, CVE-2016-3578, CVE-2016-3579, CVE-2016-3580, CVE-2016-3581, CVE-2016-3582, CVE-2016-3583, CVE-2016-3590, CVE-2016-3591, CVE-2016-3592, CVE-2016-3593, CVE-2016-3594, CVE-2016-3595, CVE-2016-3596

BID: 81233, 91908, 91914, 91921, 91923, 91924, 91925, 91927, 91929, 91931, 91933, 91934, 91935, 91936, 91937, 91939, 91940, 91942, 92806, 92833, 92836

MSFT: MS16-108

MSKB: 3184711, 3184728, 3184736