- Community Home
- >
- Servers and Operating Systems
- >
- Legacy
- >
- BackOffice Products
- >
- security problem in exchange 2003 server.
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО02-10-2005 01:29 AM
тАО02-10-2005 01:29 AM
security problem in exchange 2003 server.
I am using Windows 2000 Advance Server and Exchange 2003 server.
I am facing a big security risk in my exchange server. The problem is, I can login into another users inbox and can see the mails of them. By doing the following things,
1) type, https://mydomain.com/exchange/username(another user)/inbox
it is asking for the username and password, by giving my username and password, I could enter the another users mailbox.
for ex, take a user A,
by typing https://mydomain.com/exchange/a/inbox, it asks for the username and password,
then i am giving my username and password, then i could see the inbox mails of user A.
I also deleted the cookies and cleared the history, they are helpless!
Please help me in this problem soon.
Thanks in advance!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО02-10-2005 03:35 AM
тАО02-10-2005 03:35 AM
Re: security problem in exchange 2003 server.
Ron
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО02-10-2005 03:45 AM
тАО02-10-2005 03:45 AM
Re: security problem in exchange 2003 server.
And I checked with other mail-ids also.not only me others could also see the mail-ids of other people's mail box .
ie., everyone can see everyone's mailbox by this method.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО02-11-2005 01:00 AM
тАО02-11-2005 01:00 AM
Re: security problem in exchange 2003 server.
the problem occurs only in OWA or you can add anyone mailbox to your mail profile and can see his/her mailbox?
regards,
Akos
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО02-11-2005 01:05 AM
тАО02-11-2005 01:05 AM
Re: security problem in exchange 2003 server.
http://support.microsoft.com/default.aspx?scid=kb;en-us;264733
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО02-11-2005 03:32 AM
тАО02-11-2005 03:32 AM
Re: security problem in exchange 2003 server.
I could not get you. Where I can found that. And what is it for?
Thanks in advance
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО02-15-2005 10:09 PM
тАО02-15-2005 10:09 PM
Re: security problem in exchange 2003 server.
It has full mailbox access to everyone. Actually I upgraded exchange 2000 to exchange 2003. So the permissions are mingled. I am not sure whether it is right or wrong. It's my guess.
I think it should be changed to only read permission for everyone group. And when I go to change the mailbox rights, i cant' because they are greyed out and disabled.
Please help me how to change to the settings like in the attached file.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО02-22-2005 12:46 AM
тАО02-22-2005 12:46 AM
Re: security problem in exchange 2003 server.
Event ID:1016
Type:Success Audit
Category: Logons
Source: ExchangeIS Mailbox Store
Windows 2000 User domain\user1 logged on to user2@mydomain.com mailbox, and is not the primary Windows 2000 account on this mailbox.
For more information, click http://www.microsoft.com/contentredirect.asp.
It is sure that user1 has logged into user2's inbox.
I found this in http://support.microsoft.com/kb/173692/EN-US/
But i could not find the solution.
How can I solve it?
Thanks in advance!