[469] in Best-of-Security
No subject found in mail header
daemon@ATHENA.MIT.EDU (Smart List user)
Sat Nov 15 21:55:00 1997
Date: Wed, 12 Nov EDT 11:55:28 +1100 (EST)
Delivered-To: best-of-security@cyber.com.au
From: Smart List user <slist@cyber.com.au>
X-Originally-To: To: BUGTRAQ@NETSPACE.ORG
X-Originated-From: From: Inigo Gonzalez <igonzalez@ATI.ES>
cheops
Received: from brimstone.netspace.org by postbox.anu.edu.au with ESMTP
(1.37.109.16/16.2) id AA099726111; Wed, 12 Nov 1997 11:55:11 +1100
Received: from unknown@netspace.org (port 58972 [128.148.157.6]) by brims=
tone.netspace.org with ESMTP id <97328-10841>; Tue, 11 Nov 1997 19:28:58 =
-0500
Received: from NETSPACE.ORG by NETSPACE.ORG (LISTSERV-TCP/IP release 1.8c=
) with
spool id 5562243 for BUGTRAQ@NETSPACE.ORG; Tue, 11 Nov 1997 19:=
27:45
-0500
Received: from brimstone.netspace.org (brimstone.netspace.org
[128.148.157.143]) by netspace.org (8.8.7/8.8.2) with ESMTP id
TAA03571 for <BUGTRAQ@NETSPACE.ORG>; Tue, 11 Nov 1997 19:17:13 =
-0500
Received: from unknown@netspace.org (port 58972 [128.148.157.6]) by
brimstone.netspace.org with ESMTP id <96395-10839>; Tue, 11 Nov=
1997
19:16:14 -0500
Approved-By: aleph1@UNDERGROUND.ORG
Received: from em.ati.es (em.ati.es [194.140.128.104]) by netspace.org
(8.8.7/8.8.2) with ESMTP id RAA21373 for <BUGTRAQ@NETSPACE.ORG>=
; Tue,
11 Nov 1997 17:48:17 -0500
Received: from brainworld.es. (igonzalez@inf109.ati.es [194.140.180.109])=
by
em.ati.es (8.7.5/8.7.3) with ESMTP id XAA11623; Tue, 11 Nov 199=
7
23:52:26 +0100
Received: from localhost (igonzalez@localhost) by brainworld.es. (8.7.5/8=
=2E6.9)
with SMTP id KAA00298; Tue, 11 Nov 1997 10:37:00 +0100
X-Sender: igonzalez@brainworld.es.
Illegal-Object: Syntax error in Message-ID: value found on
brimstone.netspace.org: Message-ID:
<Pine.LNX.3.93.971111102912.216C-100000@brainworld.es.>
^-illegal subdomain in domain,
propably extra '.' at the end of the address
X-Copyright: The content of this letter is intelectual propery of the aut=
hor
Mime-Version: 1.0
Content-Type: TEXT/PLAIN; charset=3DISO-8859-1
Content-Transfer-Encoding: 8bit
X-Mime-Autoconverted: from QUOTED-PRINTABLE to 8bit by netspace.org id RA=
A21379
Message-Id: <199711120017.TAA03571@netspace.org>
Date: Tue, 11 Nov 1997 10:36:51 +0100
Reply-To: Inigo Gonzalez <igonzalez@ATI.ES>
Sender: avalon
From: Inigo Gonzalez <igonzalez@ATI.ES>
Organization: Hack The Lies
Subject: Re: Microsoft Office security bug
X-To: Aleph One <aleph1@DFW.NET>
X-Cc: lustiger@att.com
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: <Pine.SUN.3.94.971107100206.25457B-100000@dfw.dfw.net>
-----BEGIN PGP SIGNED MESSAGE-----
On Fri, 7 Nov 1997, Aleph One wrote:
> I discovered what looks like a major hole in Microsoft Office (95 and 9=
7)
> passworded files.
>
> While the files are encrypted (and I know that the Office 95 file
> encryption is laughably weak), *the file attachments are not.* So if yo=
u
> attach a Visio picture or Excel spreadsheet to a passworded Word file,
> they are saved in the clear. Any ASCII file viewer can be used to easil=
y
> verify this.
>
> Needless to say, one can get a lot of information from attachments.
I am no expert on Win32 / OLE-COM-ACtiveX; but it seems that
this isn't Office Fault; but OLE one's.
AFAIK, every OLE container is responsible of its own data;
in this case, you tell Word to cipher his own data, and
Excel/Visio/etc... data is not Word bussiness so it's not
ciphered.
Remember: When you talk to OLE objects, you delegate them
a part of your file + archiving capabilities.
I will take a look at OLE/COM spec to see if there's a
way to tell a COM object to cipher itself, but I seriously
doubt there is one...
So long,
--
I=F1igo Gonzalez <igonzalez@ati.es> - cfingerd maintainer
e-mail fileserver available: mail me with 'send pgp-key'
for my public key. Use 'send help' for instructions.
(don't expect inmediate response: I'm on a dialup)
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3i
Charset: noconv
iQCVAwUBNGgnO6QKqXTm2TCtAQGVEAQAuErcnRH8FuUk6cAVMeL0loXFu30Yj2NI
Qt0fElda8YvbBcavfVN8KS0ZgZdvhAnw/9sFvYSiwMFMailC4DEf52bvDxHmWuFV
t2zj8U7rkuXewk8VBEHgTLV9femHo6JroT7YfQneRc4tiIRtdhupNNMTpj5b5PGd
49MyG04Dh5s=3D
=3Dv9Dc
-----END PGP SIGNATURE-----
