UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

Scripts are Permitted to Execute in the ExAdmin Virtual Server.


Overview

Finding ID Version Rule ID IA Controls Severity
V-18805 EMG2-255 Exch2K3 SV-20532r1_rule ECLP-1 Medium
Description
The ExAdmin Virtual Server is used by the Exchange System Manager to access mailboxes and Public Folders. As such, it is a required part of the Exchange application. The Exchange System Manager is a central part of the Exchange application and without these capabilities it will be unable to function properly. Scripts on servers are a frequent cause of server compromises. Since virtual servers are the primary interface between Exchange and the web, they are particularly at risk of compromise. Therefore, attack vectors via scripts and executables running on the server should be minimized. The ExAdmin Virtual Server is used by the Exchange System Manager to access mailboxes and Public Folders. This control allows the administrator to specify whether scripts and/or executables may be run on this virtual server. Scripts and executables should be denied the ability to run on this server. The Exchange System Manager is the only entity that interfaces with it, and since the default provides all of the capabilities needed, there should be no reason to change it.
STIG Date
Microsoft Exchange Server 2003 2014-08-19

Details

Check Text ( C-22515r1_chk )
Validate the ExAdmin script permissions.

Procedure: Exchange system Manager >>Administrative Groups>> [administrative group]>> Servers >> [server name] >> protocols >> HTTP >> Exchange Virtual Server >> ExAdmin >> Properties >> Access tab

For Execute Permissions, ‘None’ should be selected.

Criteria: If ‘None’ is selected for Execute Permissions, this is not a finding.
Fix Text (F-19465r1_fix)
Configure the ExAdmin Script Permissions.

Procedure: Exchange system Manager >>Administrative Groups>> [administrative group]>> Servers >> [server name] >> protocols >> HTTP >> Exchange Virtual Server >> ExAdmin >> Properties >> Access tab

Select ‘None’ on Execute Permissions.