• Creation
  • Validation
  • Communication & fix
  • Disclosure

Bibliothèque Royale de Belgique / Microsoft Exchange Server is outdated

zythop reported 2021-11-23

The following Exchange Server is publicly accessible and looks out-dated : https://webmail.kbr.be

It is critical to update to a safe version as soon as possible since multiple CVEs allow remote attackers to DoS or achieve RCE (Remote code execution) on the server. Those vulnerabilities are currently used in ransomware campaign and could damage your network.

Reference:

IP:
193.190.242.19
Port:
443
Detected protocol:
https
Found Exchange server: 
Build: 15.1.2176.14
Version: 2016CU19+KB5003435
Build date: 5/2021
Affected by CVE-2021-42321
Affected by CVE-2021-26427
Affected by CVE-2021-41348
Affected by CVE-2021-31196
Affected by CVE-2021-31206
Affected by CVE-2021-33768
Found by ExchangeVersion 2021-11-16
IP:
193.190.242.19
Port:
443
Detected protocol:
https
Found Exchange server: 
Build: 15.1.2176.14
Version: 2016CU19+KB5003435
Build date: 5/2021
Affected by CVE-2021-42321
Affected by CVE-2021-26427
Affected by CVE-2021-41348
Affected by CVE-2021-31196
Affected by CVE-2021-31206
Affected by CVE-2021-33768
Found by ExchangeVersion 2021-11-24
Report created by zythop  2021-11-23
Report approved by BloodyShell  2021-11-23
New PDF report generated by system 2021-11-23
Report dispatched to ...@... by system 2021-11-23
Report dispatched to ...@... by system 2021-11-23
Report dispatched to ...@... by system 2021-11-23
system commented 2021-11-26: approved shows in report

bip! I'm a LeakIX probe.

This issue looks like it has been resolved!

New PDF report generated by system 2021-11-26
Report comment dispatched to zythop by system 2021-11-26
Report comment dispatched to vulnerabilitydisclosure@ccb.belgium.be by system 2021-11-26
Report comment dispatched to cert@belnet.be by system 2021-11-26
Report comment dispatched to info@kbr.be by system 2021-11-26
BloodyShell commented 2021-11-26: approved shows in report

Not fixed.

Replies 503 from our probe but 200 from other locations.

New PDF report generated by system 2021-11-26
Report comment dispatched to zythop by system 2021-11-26
Report comment dispatched to vulnerabilitydisclosure@ccb.belgium.be by system 2021-11-26
Report comment dispatched to cert@belnet.be by system 2021-11-26
Report comment dispatched to info@kbr.be by system 2021-11-26
BloodyShell commented 2021-11-30: approved shows in report

Now running 15.1.2375.17

New PDF report generated by system 2021-11-30
Report comment dispatched to zythop by system 2021-11-30
Report comment dispatched to vulnerabilitydisclosure@ccb.belgium.be by system 2021-11-30
Report comment dispatched to cert@belnet.be by system 2021-11-30
Report comment dispatched to info@kbr.be by system 2021-11-30
Report marked as fixed by BloodyShell  2021-11-30
Report closed by BloodyShell  2021-11-30
New PDF report generated by system 2021-11-30
Report edited by BloodyShell  2021-12-01
New PDF report generated by system 2021-12-01
Information
Owner Bibliothèque Royale de Belgique
Created 2021-11-23 10:13
Updated 2021-12-01 14:01
Fixed true

Contacts
v...@cert.be
c...@belnet.be
i...@kbr.be

Status
Status closed
Hosting contacted false
CERT contacted false

Download report