I thought that the group might be interested in this. The potential flaw lies in the Outlook Web Access (OWA) component of Exchange Server 2003. A network administrator at a Nashville, Tenn., provider of investment performance reporting tools found that users logging in to OWA could be logged in to another user's mailbox at random and have full access privileges.
http://www.nwfusion.com/news/2003/1121microinves2.html?nl Sincerely, Steve ***************************************** Steve Shaff Active Directory / Exchange Administrator Corillian Corporation (W) 503.629.3538 (C) 503.807.4797 (F) 503.629.3674 List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
