| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: Admin at SecureTarget.Net (Kaveh Mofidi) Subject: Microsoft Outlook PST Exposure -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Secure Target Network (Security Advisory August 31, 2003) Topic: Microsoft Outlook PST Exposure Discovery Date: August 28, 2003 Link to Original Advisory: http://securetarget.net/advisory.htm Affected applications and platforms: All versions of Outlook on any Windows platform Introduction: everyone work with .pst files, storing and managing his/her Outlook Data transparently under Microsoft Outlook. A default folder takes care of these data files at: %windrive%\Documents and Settings\User Profile\Local Settings\Application Data\Microsoft\outlook And all of your data may encrypt and maintain as outlook.pst (or archive.pst when you just archive your old data). When you add something to your outlook items (appointments & meetings, tasks, notes, .), your data file probably increases in size but when you delete some items (any size, large or small piece of data), the data do lost from your eyes but usually, does not erase from .pst files. Exploit: As you can probably see, this may effect in a wide range of exposure attacks; no escalation of privileges or any other system compromise directly happen. So, anybody with physical access to your computer would be the reader of your Outlook Items (any task, appointment and .) and any private information there. By the way, this may lead to a worth situation, when you just restore a backed up copy of these .pst files and try to recover your lost data, but there is something different in backups, because you didn't copy a refreshed one. Workaround: the easiest way to work around this vulnerability is physical security countermeasures but for your backups, try to "compact" items before backing up: 1. File?folder?properties of "your desired folder with data files"?General tab?Advanced?Compact Now 2. File?Data File Management?settings?Compact Now Tested on: Outlook 2000 SP3 (9.0.0.6627) on Windows 2000 SP4 Outlook 2002 (10.2627.2625) on Windows XP Professional SP1 Feedback: Kaveh Mofidi (Admin@...ureTarget.Net) Secure Target Network (Security Consulting Group) HTTP://SECURETARGET.NET -----BEGIN PGP SIGNATURE----- Version: PGP 8.0.2 iQA/AwUBP1Gzn2O1siv41icpEQJ1QgCg6pgz7WdkyQOfv/NHQHVmLzTTQMkAniWn xf+uy/vKBnuh7W3jnIV6xVsg =t/1h -----END PGP SIGNATURE----- -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20030831/99f099aa/attachment.html
Powered by blists - more mailing lists