
Microsoft Exchange/Outlook insecurities





Date: Sun, 9 Nov 1997 12:30:50 +0100
From: Martin Stanek <stanek@DCS.FMPH.UNIBA.SK>
To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
Subject: Is this a security bug or feature?

I don't know whether this is an old "issue", or a new one.
Almost everywhere, people are using Exchange Client
or Outlook to manage their e-mail messages.
It is possible for everybody to add an extension to this
program. Extensions are called in various contexts:
  sending, receiving or viewing messages,
  beginning of the session, etc...
Once registered, it's valid (active) for everyone
who uses Outlook or Exchange Client on the affected
computer. The extension is not limited only to e-mail
specific tasks - but it can do everything it
wants - and: with the permissions of the current user.

Extensions are registered in the Registry in the subkey
HKLM\SOFTWARE\Microsoft\Exchange\Client\Extensions\

This key has Special Access for Everyone:
        Query value
        Set value
        Create Subkey
        Enumerate Subkeys
        Notify
        Delete
        Read Control

Possible scenarios are left for your imagination...

Experimental source code for "stealing" e-mail messages
is available on request.

Martin Stanek
stanek@dcs.fmph.uniba.sk
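
An audit for the permission set listed in the post, added here as an example and not part of the original message: it reports ACEs that let broad groups write to the Extensions key and lists the values currently registered there for review. The function name `Get-BroadWriteAce`, the set of SIDs treated as "broad", and the WOW6432Node path (for 32-bit clients on 64-bit Windows) are assumptions of this example.

```powershell
# Added example (not from the original post): audit the extensions key ACL.
$keyPaths = @(
    'HKLM:\SOFTWARE\Microsoft\Exchange\Client\Extensions',
    # Assumption: 32-bit client on 64-bit Windows registers under WOW6432Node.
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Exchange\Client\Extensions'
)

# Rights that allow adding, changing or removing an extension registration,
# plus GENERIC_WRITE (0x40000000) and GENERIC_ALL (0x10000000) bits.
$writeMask = [int][System.Security.AccessControl.RegistryRights]'SetValue, CreateSubKey, Delete, ChangePermissions, TakeOwnership'
$writeMask = $writeMask -bor 0x40000000 -bor 0x10000000

# Well-known SIDs of groups that contain ordinary, unprivileged users.
$broadSids = @{
    'S-1-1-0'      = 'Everyone'
    'S-1-5-11'     = 'Authenticated Users'
    'S-1-5-32-545' = 'BUILTIN\Users'
    'S-1-5-4'      = 'INTERACTIVE'
}

function Get-BroadWriteAce {
    param([Parameter(Mandatory)][string]$Path)

    if (-not (Test-Path -LiteralPath $Path)) { return }   # key absent: nothing to audit

    $acl = Get-Acl -LiteralPath $Path
    # Ask for SIDs rather than names so localized group names do not matter.
    $rules = $acl.GetAccessRules($true, $true, [System.Security.Principal.SecurityIdentifier])
    foreach ($ace in $rules) {
        $sid     = $ace.IdentityReference.Value
        $granted = [int]$ace.RegistryRights -band $writeMask
        if ($ace.AccessControlType -eq 'Allow' -and $broadSids.ContainsKey($sid) -and $granted -ne 0) {
            [pscustomobject]@{
                Key       = $Path
                Principal = $broadSids[$sid]
                Rights    = $ace.RegistryRights
                Inherited = $ace.IsInherited
            }
        }
    }
}

foreach ($path in $keyPaths) {
    Get-BroadWriteAce -Path $path
    if (Test-Path -LiteralPath $path) {
        # Registered extensions: review each entry against what was deliberately installed.
        (Get-Item -LiteralPath $path).GetValueNames() |
            ForEach-Object { [pscustomobject]@{ Key = $path; Extension = $_ } }
    }
}
```

Any row with a `Principal` column means an unprivileged user can register an extension that then loads in every other user's mail client on that machine.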


