Forum Discussion

tacticman_89870's avatar
tacticman_89870
Icon for Nimbostratus rankNimbostratus
Nov 29, 2010

owa hijacking through firepass

Dear all,

 

 

My security team has decided to stop OWA publishing through our current Microsoft ISA Server because of the following security vulnerability :

 

 

http://cve.mitre.org/cgi-bin/cvenam...-2010-3213

 

 

We use Exchange 2003 and Microsoft won't patch Exchange 2003 to correct this threat. Today, we have a firepass V6.03 we publish OWA for some peoples and for most people we use ISA 2006.

 

 

My question is does the vulnerability can be use with the firepass OWA publishing rule or not ? because it can with ISA and microsoft want us to migrate to UAG Server that can block the threat.

 

 

So I have to choose between migrating to UAG server or all the people to firepass if it can block the threat.

 

 

 

 

 

please le me know your advices.

 

 

thanks

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3213http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3213

 

 

 

1 Reply

  • I would like to give an answer on this topic but due to the sensitive nature of the topic I will not. Can you create a ticket with F5 support? They would be better suited for this.