BUG: Deleting Exchange 5.5 Mailbox with LDAP Poses Security Risk (252988)


The information in this article applies to:

  • Microsoft Exchange Server 5.5
This article was previously published under Q252988

SYMPTOMS

Using LDAP to delete an Exchange 5.5 mailbox deletes the directory object but not the associated messages and folders in the information store. If a new mailbox with the same distinguished name (DN) is created, regardless of the Windows NT account associated with the new mailbox, the contents of the old information store become available to the new mailbox.

STATUS

Microsoft has confirmed that this is a bug in the Microsoft products that are listed at the beginning of this article.

MORE INFORMATION

Steps to Reproduce Behavior

  1. Create a mailbox using the Exchange Administration Program (Admin.exe).
  2. Send mail to the mailbox.
  3. Use LDP.exe (or another LDAP based tool) to delete the mailbox.
  4. Recreate a mailbox with the same DN and a different associated Windows NT account using the Exchange Administrator program. To create a user with the same distinguished name, that it has been created in the same container as the previous mailbox and has the same directory name. The directory name is viewable on the Advanced tab of the mailbox.
  5. Log in to the mailbox you made in step 4 and read mail sent before deletion.

REFERENCES

For additional information on how to use the LDP.exe file, click the article number below to view the article in the Microsoft Knowledge Base:

224543 Using Ldp.exe to Find Data in the Active Directory

For additional information on a related DAPI BatchImport bug that was fixed in Exchange 5.5 SP1, click the article number below to view the article in the Microsoft Knowledge Base:

184160 XADM: Messages Left After Deleting Mailbox w/ Directory Import

Modification Type:MinorLast Reviewed:3/4/2004
Keywords:kbbug kbMsg KB252988
©2004 Microsoft Corporation. All rights reserved.