Full Disclosure mailing list archives
Re: IIS/Outlook Web Access..
From: Jason <security () brvenik com>
Date: Mon, 21 Jul 2003 23:45:01 -0400
This being full disclosure and all...I am interested in what exactly Outlook 2003 does that causes IIS so much issue? My gutt answers in ( )s.
Can this be replicated without Outlook 2003? ( probably ) Can this be done with or without a user account? ( users only ) Is this only a DOS for servers with OWA running? ( probably ) Is it just a DOS or a lurking exploitable condition? ( DOS )Is it a persistent DOS against IIS and OWA or does a restart resolve it? ( restart ) Is it reliably reproducible or dependent on an obscure configuration option? ( reliable )
If you can provide these details then I think the list would be interested. Otherwise you may be better off going to one of the more Exchange / MS focused lists for bug sympathy/help.
LaRose, Dallas wrote:
-----Original Message-----From: Christopher F. Herot [mailto:cherot () appliedmessaging com] Maybe you should upgrade from Exchange 5.5 to 2000. We have had peopleusing Outlook 2003 client and OWA with Exchange 2000 for several months without incident. ========== Although I'll recognize that an upgrade to E2K is prudent and may resolve the issue, a problem in a product that is still in use should be recognized and documented. Although my company is interested in upgrading to both Outlook 2003 and Exchange 2K+, the upgrade to Outlook 2003 will likely come first due to complexities in the Exchange upgrade. I think it's fair to test the combination of Outlook 2003 and Exchange 5.5 OWA, and I'm interested to know the results. Does Microsoft have a Q article that acknowledges the issue? Dallas LaRose Senior Network Engineer S2 Systems, Inc. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- IIS/Outlook Web Access.. Darren Bennett (Jul 21)
- <Possible follow-ups>
- RE: IIS/Outlook Web Access.. Christopher F. Herot (Jul 21)
- RE: IIS/Outlook Web Access.. LaRose, Dallas (Jul 21)
- Re: IIS/Outlook Web Access.. Jason (Jul 21)
- Re: IIS/Outlook Web Access.. Darren Bennett (Jul 22)
- Re: IIS/Outlook Web Access.. Jason (Jul 21)