[34257] in bugtraq
R: UPDATED: MS Word - password protection vulnerabilty
daemon@ATHENA.MIT.EDU (s.zdrojewski@itvirtualcommunity.ne)
Fri Mar 26 13:33:19 2004
From: s.zdrojewski@itvirtualcommunity.net
To: "'Andrew W Barkley'" <abarkle3@csc.com>, bugtraq@securityfocus.com
Date: Fri, 26 Mar 2004 10:57:45 +0100
Message-ID: <000301c41318$ca773790$b600a8c0@technomind.company>
MIME-Version: 1.0
Content-Type: text/plain;
charset="iso-8859-1"
In-Reply-To: <OF6B45D0C8.03C26E97-ON80256E62.00690EF5@csc.com>
Content-Transfer-Encoding: 8bit
Actually these problems seems to be solved using SP3 of Office XP Published
on MS04-009.
Cheers
-
> -----Messaggio originale-----
> Da: Andrew W Barkley [mailto:abarkle3@csc.com]
> Inviato: giovedì 25 marzo 2004 20.09
> A: bugtraq@securityfocus.com
> Oggetto: UPDATED: MS Word - password protection vulnerabilty
> Priorità: Alta
>
> Hi ...
>
>
> There are several vulnerabilities published/discussed regarding MS Word &
> MS Office in general, however, 'tis is the most "no brainer" I've
> discovered ...
>
> Vulnerability:
> Password protected document that has "tracked changes, comments or forms"
> password protected
>
> Vulerable:
> MS Word (Win2K/XP)
>
>
> Example 1
> 1) Open MS Word with a new/blank page
> 2) Now select "Insert" >> "File" & browse for your password protected doc
> &
> select "Insert" & "Insert" into your new/blank doc
> 3) Now select Tools >> & Whey hey, voila, there's no longer an "Unprotect
> document" ... password vanished ...
>
> Example 2
> 1) Open your password protected doc in MS Word i.e. you can't edit
> protected fields (apparently)
> 2) Save as a Rich Text Format (RTF) & keep this RTF file open in MS Word
> (YES, keep open)
> 3) Whilst your new RTF file is open in MS Word, go "File Open" & find your
> newly saved RTF file & open (YES, you DO need to do 'tis even though you
> already have it open)
> 4) If prompted to revert say YES, if not prompted stay calm. Now in your
> MS Word menu go & "Unprotect Document", amazingly, voila, you don't get
> prompted for a password
>
>
> Change password if ya like & or save in whatever format if ya like ...
>
>
> L0phtphrack :-/
Sebastian "En3pY" Zdrojewski
IT Development
IT Virtual Community
http://www.itvc.net
