Re: Exchange Server 5.0 POP3 Security Hole

• Messages sorted by: [ date ][ thread ][ subject ][ author ]
• Next message: Yuri Volobuev: "Re: syslogd fun (erratum)"
• Previous message: CERT Bulletin: "CERT Vendor-Initiated Bulletin VB-97.07 - SGI webdist, handler, wrap"
• Maybe in reply to: Attila Bartfai: "Exchange Server 5.0 POP3 Security Hole"

Yep - I checked and it looks like the article has not yet propagated to the
external servers. I'm told this should happen sometime today. In the
meantime, here are the relevant registry keys from the article:

MORE INFORMATION
================
The credentials cache is controlled by the following registry values:

HKLM\System\CurrentControlSet\Services
\MsExchangeIs\ParametersNetIf
\Credentials Cache Age Limit (Default = 120 minutes)

HKLM\System\CurrentControlSet\Services
\MsExchangeIs\ParametersNetIf
\Credentials Cache Idle Limit (Default = 15 minutes)

HKLM\System\CurrentControlSet\Services
\MsExchangeIs\ParametersNetIf
\Credentials Cache Size (Default = 256 buckets,
to turn off caching, you should set the size = 0)

Sue Mosher [MVP] wrote in message <01bcb2a4$703f2b60$0100007f@mailman>...
>Jim,
>
>That KB article is not posted yet.
>
>--
>Sue Mosher
>Slipstick Systems, Moscow
>FAQs at Exchange Center -- http://www.slipstick.com/exchange
>
>

[end of message ... text also available at <url:http://www.reference.com/cgi-bin/pn/go.py?choice=message&table=08_1997&mid=4298506&hilit=HOLE+SECURITY> ]

• Next message: Yuri Volobuev: "Re: syslogd fun (erratum)"
• Previous message: CERT Bulletin: "CERT Vendor-Initiated Bulletin VB-97.07 - SGI webdist, handler, wrap"
• Maybe in reply to: Attila Bartfai: "Exchange Server 5.0 POP3 Security Hole"