exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

word98.mac.txt

word98.mac.txt
Posted Aug 17, 1999
Authored by eEye Digital Security

Macintosh version of Microsoft Word '98 includes sensitive material in document files. Specifically, document files created in Word '98 frequently include unrelated data taken from the hard-drive. This data can contain passwords, or other confidential information that is on the hard-drive. 9902-exploits/ws_ftp-DoS.txt WS_FTP Server Remote Denial of Service Attack. Exploit example included.

tags | exploit, remote, denial of service
SHA-256 | cfba308b0139e7c2f2d406029d0033be1c7b5c3e93df2d0bee8fc167bf33e9d2

word98.mac.txt

Change Mirror Download
  Article Title 

Macintosh version of Word '98 includes sensitive material in document files.



Article Summary
Microsoft recently released a patch that solves a serious security problem in Word '98 for Macintosh.
It seems that Word '98 includes unrelated data taken from the hard-drive. This data can contain
passwords, or other confidential information that is on the hard-drive.



Article Details
Since Word ignores the logical end of file and includes the entire contents of the final disk sector in the file,
other information can be placed in a document file. When this file is sent to other recipients, the hidden data
is sent with it.
This data is not viewable by Word, but any binary editor can view the file and reveal the information in it.
Although Microsoft claims only information from the hard drive is placed in the document (a bad thing by
itself!) several reports mention that information from the memory is included as well.



Additional information
MacInTouch magazine has conducted a thorough research on this problem:
http://www1.macintouch.com/o98security.html
Microsoft has published a knowledge base article on this matter:
http://www.microsoft.com/macoffice/productinfo/issues.htm
And also released a patch that solves this problem:
http://www.microsoft.com/macoffice/productinfo/98dl/offi98patch.htm
Login or Register to add favorites

File Archive:

September 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    261 Files
  • 2
    Sep 2nd
    17 Files
  • 3
    Sep 3rd
    38 Files
  • 4
    Sep 4th
    52 Files
  • 5
    Sep 5th
    23 Files
  • 6
    Sep 6th
    27 Files
  • 7
    Sep 7th
    0 Files
  • 8
    Sep 8th
    1 Files
  • 9
    Sep 9th
    16 Files
  • 10
    Sep 10th
    38 Files
  • 11
    Sep 11th
    21 Files
  • 12
    Sep 12th
    40 Files
  • 13
    Sep 13th
    18 Files
  • 14
    Sep 14th
    0 Files
  • 15
    Sep 15th
    0 Files
  • 16
    Sep 16th
    21 Files
  • 17
    Sep 17th
    51 Files
  • 18
    Sep 18th
    23 Files
  • 19
    Sep 19th
    0 Files
  • 20
    Sep 20th
    0 Files
  • 21
    Sep 21st
    0 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close