RE: Outlook On The Web Security Risk!!!

• From: "Dee Arnold" <Deea@xxxxxxxx>
• To: "[ExchangeList]" <exchangelist@xxxxxxxxxxxxx>
• Date: Thu, 9 Feb 2006 12:55:08 -0600

If you are an administrator, you will be able to do this. Have you logged in
as a common user and tried it? 

-----Original Message-----
From: Bob Fronk [mailto:bobfronk@xxxxxxxxx] 
Sent: Thursday, February 09, 2006 12:32 PM
To: [ExchangeList]
Subject: [exchangelist] RE: Outlook On The Web Security Risk!!!

http://www.MSExchange.org/

It shouldn't.... You have a permissions issue somewhere.

Bob Fronk
bobfronk@xxxxxxxxx
> -----Original Message-----
> From: Phil Marano [mailto:pmarano@xxxxxxxx]
> Sent: Thursday, February 09, 2006 12:53 PM
> To: [ExchangeList]
> Subject: [exchangelist] Outlook On The Web Security Risk!!!
> 
> http://www.MSExchange.org/
> 
> Does anyone know how to prevent users once they are logged into their 
> mail account via the web client from adding another users email 
> account name to the end of the current web address and viewing that persons
mailbox?
> 
> (ie:
> http://mail.yourdomain.com/exchange/jdoe
> <---- adding a users account name to then of the /exchange/ directory 
> will allow that person to view anyone mailbox.)
> 
> This is exchange 2003
> 
> ------------------------------------------------------
> List Archives: 
> http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
> Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> You are currently subscribed to this MSExchange.org Discussion List as:
> bfronk@xxxxxxxxxxxxxxxx
> To unsubscribe visit
> http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
> Report abuse to info@xxxxxxxxxxxxxx


------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this MSExchange.org Discussion List as:
deea@xxxxxxxx To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
Report abuse to info@xxxxxxxxxxxxxx


#####################################################################################
Only the individual sender is responsible for the content of the message, and 
the message does not necessarily reflect the position or policy of the Texas 
State Teachers Association or its affiliates.

Other related posts:

• » Outlook On The Web Security Risk!!!
• » Re: Outlook On The Web Security Risk!!!
• » RE: Outlook On The Web Security Risk!!!
• » RE: Outlook On The Web Security Risk!!!
• » RE: Outlook On The Web Security Risk!!!
• » RE: Outlook On The Web Security Risk!!!
• » RE: Outlook On The Web Security Risk!!!
• » RE: Outlook On The Web Security Risk!!!

1. Home
2. exchangelist
3. Archive
4. 02-2006

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---