RE: Microsoft Security Bulletin MS02-011

From: Matt Conover (shok@camel.ethereal.net)
Date: 02/28/02


Date: Thu, 28 Feb 2002 11:11:26 -0800 (PST)
From: Matt Conover <shok@camel.ethereal.net>
To: "Skinner, Kit" <KSkinner@sandstream.com>


> Does anyone have any details about the "Authentication Flaw" in question?
> Apparently the SMTP service gets back from the NTLM that a user was
> authenticated, but then SMTP should "perform additional checks before
> granting the user access to the service."

I interpret that to mean that once it determines you're a valid NT user
(using your NTLM credentials), you're allowed through, whether or not you
have a valid mail account. I haven't checked to see if that's the case,
however.