Re: Exchange Server 5.0 POP3 Security Hole

aleph1DFW.NET

• Messages sorted by: [ date ][ thread ][ subject ][ author ]
• Next message: Yuri Volobuev: "Re: syslogd fun (erratum)"
• Previous message: Erik Tornstam: "Re: Active X exploit."
• Maybe in reply to: Attila Bartfai: "Exchange Server 5.0 POP3 Security Hole"

---------- Forwarded message ----------
Article-ID: 08_1997&4298506
Subject: Re: Exchange Server 5.0 POP3 Security Hole
From: "Jim Reitz" <jimreexchange.microsoft.com>
Date: Wed, 27 Aug 1997 09:08:39 -0700
Message-ID: <uJ$a4Ows8GA.170uppssnewspub04.moswest.msn.net>
Newsgroups: microsoft.public.exchange.admin


Yep - I checked and it looks like the article has not yet propagated to the
external servers. I'm told this should happen sometime today. In the
meantime, here are the relevant registry keys from the article:

MORE INFORMATION
================
The credentials cache is controlled by the following registry values:

HKLM\System\CurrentControlSet\Services
    \MsExchangeIs\ParametersNetIf
    \Credentials Cache Age Limit                  (Default  = 120 minutes)

HKLM\System\CurrentControlSet\Services
    \MsExchangeIs\ParametersNetIf
    \Credentials Cache Idle Limit                  (Default = 15 minutes)

HKLM\System\CurrentControlSet\Services
     \MsExchangeIs\ParametersNetIf
      \Credentials Cache Size                       (Default = 256 buckets,
to turn off caching, you should set the size = 0)

Sue Mosher [MVP] wrote in message <01bcb2a4$703f2b60$0100007fmailman>...
>Jim,
>
>That KB article is not posted yet.
>
>--
>Sue Mosher
>Slipstick Systems, Moscow
>FAQs at Exchange Center --  http://www.slipstick.com/exchange
>
>




[end of message ... text also available at <url:http://www.reference.com/cgi-bin/pn/go.py?choice=message&table=08_1997&mid=4298506&hilit=HOLE+SECURITY> ]

• Next message: Yuri Volobuev: "Re: syslogd fun (erratum)"
• Previous message: Erik Tornstam: "Re: Active X exploit."
• Maybe in reply to: Attila Bartfai: "Exchange Server 5.0 POP3 Security Hole"