[23603] in bugtraq
PGP Plugin for Outlook can send unencrypted messages
daemon@ATHENA.MIT.EDU (Peter Trifonov)
Sun Dec 23 18:03:12 2001
Date: 22 Dec 2001 13:41:57 -0000
Message-ID: <20011222134157.15557.qmail@mail.securityfocus.com>
Content-Type: text/plain
Content-Disposition: inline
Content-Transfer-Encoding: binary
MIME-Version: 1.0
From: Peter Trifonov <pvthome@hotbox.ru>
To: bugtraq@securityfocus.com
Summary:
If the window focus changes while PGP is encrypting a
message, the encrypted text goes to the wrong window
and the message is sent unencrypted.
Systems affected:
Discovered on Windows 2000; seems to be the
same on other Windows versions; PGP freeware
7.0.3
Explanation:
The PGP plugin seems to operate as follows:
When you press the Send button in the Message
window, it selects text FROM THE ACTIVE WINDOW and
passes it to the PGP Engine. The engine processes it and puts
the ciphertext into the ACTIVE WINDOW, replacing the
selected text. But if another window becomes active
while encryption is in progress, the ciphertext goes into that
window and the original Message window remains
unaffected. The PGP plugin decides that encryption is
done and proceeds with sending the message.
A remote attacker can force the active window to change,
for example by sending an ICQ message at the time
of encryption.
Conclusions:
This bug report has been posted here to warn people
about the potential danger coming from an easy-to-use
window-button interface to encryption software.
However, it seems to me that the problem can be
easily fixed
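The race the post describes is easy to model. The following is an added example, not code from the post or from the PGP plugin: it simulates the plugin flow as the author reconstructs it (read from the active window, encrypt, paste into the active window, send the message window), lets a constructed "ICQ" window grab focus between the read and the paste, and shows the plaintext being sent. The hardened variant is my own suggestion rather than the vendor's fix: bind the operation to the window that received the Send click, and refuse to send a body that does not carry a PGP armor header. `toy_encrypt`, `Window`, `Desktop` and the window titles are all stand-ins invented for the example.

```python
"""Model of the focus-change race described in the post (constructed, not PGP's code)."""
from dataclasses import dataclass

PGP_HEADER = "-----BEGIN PGP MESSAGE-----"


@dataclass
class Window:
    """A GUI window with an editable text area (stand-in for Outlook/ICQ windows)."""
    title: str
    text: str = ""


class Desktop:
    """Minimal stand-in for the foreground-window state of the desktop."""

    def __init__(self, message_window):
        self.message_window = message_window   # the window whose Send button was clicked
        self.active = message_window           # currently focused window
        self.sent = []                         # bodies handed to the mail transport

    def focus_steal(self, window):
        # Models e.g. an incoming ICQ message popping up mid-encryption.
        self.active = window


def toy_encrypt(plaintext):
    """Placeholder for the PGP engine: hex, wrapped in a PGP-looking armor (NOT real encryption)."""
    return f"{PGP_HEADER}\n{plaintext.encode().hex()}\n-----END PGP MESSAGE-----"


def send_vulnerable(desktop, during_encrypt=None):
    """Flow as the post describes it: every step refers to whatever window is active."""
    plaintext = desktop.active.text                  # 1. select text FROM THE ACTIVE WINDOW
    if during_encrypt:
        during_encrypt(desktop)                      # focus may change while the engine runs
    ciphertext = toy_encrypt(plaintext)
    desktop.active.text = ciphertext                 # 2. paste into the ACTIVE WINDOW (maybe wrong one)
    body = desktop.message_window.text               # 3. message window sent as-is, no check
    desktop.sent.append(body)
    return body


def send_fixed(desktop, during_encrypt=None):
    """Suggested hardening (author's own): bind to the originating window and verify before send."""
    target = desktop.message_window                  # captured once, at Send-click time
    plaintext = target.text
    if during_encrypt:
        during_encrypt(desktop)                      # focus change no longer matters
    target.text = toy_encrypt(plaintext)
    # Defense in depth: even if the paste had gone astray, never send an unarmored body.
    if not target.text.startswith(PGP_HEADER):
        raise RuntimeError("refusing to send: message body is not PGP-armored")
    desktop.sent.append(target.text)
    return target.text


def run_scenario(send_fn, focus_changes):
    """Constructed scenario: an Outlook message window plus an ICQ window that may grab focus.

    Returns (body actually sent, text that ended up in the ICQ window).
    """
    message = Window("Outlook - New Message", "secret plan")
    icq = Window("ICQ - incoming message")
    desktop = Desktop(message)
    hook = (lambda d: d.focus_steal(icq)) if focus_changes else None
    sent = send_fn(desktop, hook)
    return sent, icq.text


if __name__ == "__main__":
    leaked, misplaced = run_scenario(send_vulnerable, focus_changes=True)
    print("vulnerable, focus stolen -> sent:", repr(leaked))
    print("vulnerable, focus stolen -> ICQ window now holds:", repr(misplaced[:40]))
    print("fixed, focus stolen      -> sent:", repr(run_scenario(send_fixed, True)[0][:40]))
```

With focus stolen, the vulnerable path sends the literal plaintext while the armored ciphertext lands in the ICQ window, exactly the symptom reported; the same run through `send_fixed` sends ciphertext regardless of focus. The `startswith(PGP_HEADER)` check on its own would already turn the silent leak into a hard error, which is the cheapest mitigation a plugin of this kind can add.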