OE DBX Exposure

• Previous message: Chris Conley: "Recent Postcard Sent To You"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date:         Sun, 27 Oct 2002 15:38:57 +0330
From: Kaveh Mofidi <Admin@SECURETARGET.NET>
To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM

Secure Target Network (Security Advisory October 27, 2002)

Topic: OE DBX Exposure

Discovery date: October 02, 2002

Affected applications and platforms:

All versions of Outlook Express on any Windows platform

Introduction:

You already worked with .dbx files, storing and managing your messages under OE. A default folder takes care of them:

%windrive%\Documents and Settings\User Profile\Local Settings\Application Data\Identities\{Class ID}\Microsoft\Outlook Express

All of your messages will give named by their folders and all folders are defined at Folders.dbx file.

When you delete your messages, they move on Deleted Items.dbx (Deleted Items folder), so when you exit from OE, they must gone but this isn't happening.

Even when you choose "Empty messages from the 'Deleted Items' folder on exit" they remain in both yourfolder.dbx and Deleted Items.dbx files.

Exploit:

As you can probably see, this may effect in a wide range of exposure attacks; no escalation of privileges or any other system compromise directly happen. So, anybody with physical access to your computer would be the reader of your email messages and any private information there.

Workaround:

Manipulating messages and folders containing them may change the way OE refresh its operations but also may lead to leaving more and more DBX files exposed. The only solution to this issue is to deleting the whole target folder.

Tested on:

Outlook Express 6.0.2600.0000 on Windows XP

Outlook Express 6.0.2600.0000 and 6.0.2800.1106 on Windows 2000 SP3

Feedback:

Kaveh Mofidi (Admin@SecureTarget.Net)

Secure Target Network (Security Consulting Group)

http://SECURETARGET.NET

• Previous message: Chris Conley: "Recent Postcard Sent To You"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: Permanent Deleted Email Recovery? ... "Art" wrote in message ... > just deleting one of the messages in that FOLDER. ... > this by Emptying the contects of my "DELETED ITEMS" ... > a ".dbx" file when I use my MS disk Explorer. ... (microsoft.public.internet.mail) Re: Outlook Express locking up - out of memory ... In Outlook Express place the cursor on Local Folders and select File, ... dbx and Deleted Items. ... Ascertain the file path to the Store Folder -Tools, Options, ... (microsoft.public.windowsxp.help_and_support) Re: "deleted Items" folder size? ... a 13.515MB "deleted items" .dbx folder. ... I guess I would have thought that the deleted items fold- ... I will also add that all store folders for all my identities ... (microsoft.public.windows.inetexplorer.ie6_outlookexpress) Re: Lost Mail Folder ... Search for *.dbx and *.dbt. ... If you find the file that corresponds to the folder, try running DBXpress or DBXtract on it. ... affect the ability of your antivirus software to block infections. ... Most of the problems with a faulty installation are due to other programs ... (microsoft.public.windows.inetexplorer.ie6_outlookexpress) Re: OE6 newsgroup reader problem... ... OE6 newsgroup is 90 days. ... to a user created local folder? ... at a time", that is, to download all the headers again. ... being monitored by the .dbx itself. ... (microsoft.public.windows.inetexplorer.ie6_outlookexpress)

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint