lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date: Wed, 9 Jul 2003 19:10:00 +0100 (BST)
From: Shaun Moore <shaunige@...oo.co.uk>
To: bugtraq@...urityfocus.com
Subject: PalmOS Memo Record Hiding Vulnerability.


Application: PalmOS
Operating System: PalmOS
Vendor: Palm(tm)
Versions: ALL
Author: shaunige@...oo.co.uk


-[BACKGROUND]-:

PalmOS includes a pre-installed 'Security'
Application, which allows a Palm enabled device to add
weak security, to hide data and protect the PDA from
casual snoopers.  One particular feature is the
ability to "Hide" Memos set as "Private" in the
Security section of MemoPad, and set a password so
that "Private" memos can only be read by those
possessing the Password.  Once a password is set, the
user would run the MemoPad application, access the
Options menu and click Security.  The user would then
choose to "Show All Records", and is prompted to enter
the previously set password before being able to
access his memos.

This low-level of added Security can, however, easily
be circumvented or bypassed by using third-party
text-editing applications.  Once an attacker is
actively viewing the hidden memo, the memo can be set
to non-"Private".  This is most likely due to a
designing error in the PalmOS programming, as PalmOS
does not attempt to prevent hidden memos from being
accessed in any other application but MemoPad.


-[EXPLOIT]-:

This existing "Vulnerability" can be exploited easily
via a third-party text-editing application, such as
RsrcEdit, Hotpaw BASIC and PEdit.
PalmOS makes no attempt to hide the Memo from other
applications, so all a would-be attacker has to do is
use one of these programs to open the Memo, and do any
reading or editing he/she wants.


-[SOLUTION]-:

I am not aware of any solution, and doubt that one
exists.
This vulnerability will be reported to Palm(tm) if
people think that it is even important enough, and
perhaps there is then a small chance of a patch being
issued...


Thank you for your time.
Shaun.



________________________________________________________________________
Want to chat instantly with your online friends?  Get the FREE Yahoo!
Messenger http://uk.messenger.yahoo.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ