OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
Microsoft Exchange Multiple Vulnerabilities

npsecuritypentest.com
Date: Fri Aug 01 2014 - 14:53:59 CDT


Exchange Multiple Internal IP Disclosures
------------------------------------------
Advisory:
http://foofus.net/?p=758
http://www.securitypentest.com/2014/08/exchange-multiple-internal-ip.html

Autodiscover Enumeration Vulnerability
------------------------------------------
Advisory:
http://foofus.net/?p=793
http://www.securitypentest.com/2014/08/autodiscover-enumeration-vulnerability.html

CAS Authentication Timing Attack
------------------------------------------
Advisory:
http://foofus.net/?p=784
http://www.securitypentest.com/2014/08/cas-authentication-timing-attack.html

POC video:
http://www.securitypentest.com/2014/08/owa-timing-attack-poc.html

Tools
------------------------------------------
http://foofus.net/?p=804