We are having the following issue when running a 3rd party scan on the OWA servers Exchange 2003
This issue has been reported here as well but there was not solution provided:
My server is up to date.
Here is the error from the scanner:
Syntax error occurred port 80/tcp
QID: 150022 CVSS Base: 7.5 PCI Severity:
Category: Web Application CVSS Temporal: 6.8
CVE ID: -
Vendor Reference: -
Bugtraq ID: -
Last Update: 01/16/2009
A test payload generated a syntax error within the web application. This often points to a problem with input validation routines or lack of filters on
Scan Results page 62
A malicious user may be able to create a denial of service, serious error, or exploit depending on the error encountered by the web application.
The web application should restrict user-supplied to consist of a minimal set of characters necessary for the input field. Additionally, all content
received from the client (i.e. web browser) should be validated to an expected format or checked for malicious content.
<font face="Arial" size=2>
<p>Microsoft VBScript runtime </font> <font face="Arial" size=2>error '800a000d'</font>
<font face="Arial" size=2>Type mismatch: '[st