:-) Al,
I think you missed the key point in the message - the sarcasm over the entire issue. I had hoped that the raging, stupid statement about 'a huge, gaping..' blah, blah and the Dennis Miller quip tipped everyone off to my wry humor. Pardons if I led you astray. Personally, and truthfully, I think it's a crock that has been blown way out of proportion by a media that is always looking for the sensational and found it in a completely difficult to reproduce, if at all, unsupported configuration. Rick Kingslan MCSE, MCSA, MCT Microsoft MVP - Active Directory Associate Expert Expert Zone - www.microsoft.com/windowsxp/expertzone WebLog - www.msmvps.com/willhack4food -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Mulnick, Al Sent: Tuesday, November 25, 2003 8:13 AM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] Microsoft investigates possible Exchange 2003 fla w Is it? What are the details that surround this "flaw" ? The press release says that he disabled Kerberos. What are they talking about there in his case? He disabled it for IIS? He disabled it for..? How do the casual observers recreate the problem to verify if it's even an issue to the rest of us commoners? Al -----Original Message----- From: Rick Kingslan [mailto:[EMAIL PROTECTED] Sent: Monday, November 24, 2003 11:11 PM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Microsoft investigates possible Exchange 2003 flaw Steve, Thanks for bringing this up. I've known about this issue for a bit of time (~5 days), and I think you're being kind saying it's a potential flaw. IMNSHO, it's a really huge, gaping, festering wound that one could drive a Peterbuilt through. But, I could be wrong..... ;o) Rick Kingslan MCSE, MCSA, MCT Microsoft MVP - Active Directory Associate Expert Expert Zone - www.microsoft.com/windowsxp/expertzone WebLog - www.msmvps.com/willhack4food -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Steve Shaff Sent: Monday, November 24, 2003 4:24 PM To: [EMAIL PROTECTED] Subject: [ActiveDir] Microsoft investigates possible Exchange 2003 flaw I thought that the group might be interested in this. The potential flaw lies in the Outlook Web Access (OWA) component of Exchange Server 2003. A network administrator at a Nashville, Tenn., provider of investment performance reporting tools found that users logging in to OWA could be logged in to another user's mailbox at random and have full access privileges. http://www.nwfusion.com/news/2003/1121microinves2.html?nl Sincerely, Steve ***************************************** Steve Shaff Active Directory / Exchange Administrator Corillian Corporation (W) 503.629.3538 (C) 503.807.4797 (F) 503.629.3674 List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
