Microsoft KB Archive/167710

= XCLN: POP and IMAP Security Issues =

Article ID: 167710

Article Last Modified on 8/16/2005

-

APPLIES TO


 * Microsoft Exchange Client 4.0 for Macintosh
 * Microsoft Exchange Client 5.0 for Macintosh
 * Microsoft Exchange Client 4.0
 * Microsoft Exchange MS-DOS client 5.0
 * Microsoft Exchange Client 4.0
 * Microsoft Exchange Client 5.0
 * Microsoft Exchange Client 4.0
 * Microsoft Exchange Client 5.0

-



This article was previously published under Q167710



The Computer Emergency Response Team Coordination Center (CERT/CC) recently released a warning memorandum that stated that certain implementations of Post Office Protocol (POP) and Internet Mail Access Protocol (IMAP) mail were vulnerable to a "Root Level" attack from outside agents. (Agents here means users or software designed to maliciously attack a foreign server or mail system.) Microsoft Exchange Clients are not vulnerable to such attacks.

This kind of attack or security breach is only possible under certain iterations of the UNIX operating system; the problem is due to the way file and user access are offered. Because Microsoft Exchange Server is based on the Windows NT Server operating system, our products are not vulnerable to such attacks.

For more information, please go to the following URL

http://www.cert.org/

and view the following bulletin:

CERT* Advisory CA-97.09

Original issue date: April 7, 1997

Last revised: April 18, 1997

Keywords: kbusage KB167710

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.