Info

Disclosure

Jun 23, 1998

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Unknown

Description

Microsoft Access contains a flaw that may lead to an unauthorized password exposure. It is possible to gain access to plaintext passwords when a Access database file (.mdb) is leaked, which may lead to a loss of confidentiality and integrity.

Classification

Location: Local Access Required
Attack Type: Cryptographic, Information Disclosure
Impact: Loss of Confidentiality, Loss of Integrity
Exploit: Exploit Available
Disclosure: OSVDB Verified

Solution

Currently, there are no known upgrades or patches to correct this issue. It is possible to correct the flaw by implementing the following workaround: Use a third party encryption system, such as PGP.

Products

Microsoft Corporation

Access

References

Generic Informational URL: http://groups.google.com/groups?oi=djq&selm=an_365308578
Other Advisory URL: http://archives.neohapsis.com/archives/bugtraq/1999_1/0457.html
ISS X-Force ID: 1774
CVE ID: 1999-0364 (see also: NVD)

Credit

Adam Shostack - adamhomeport.org -

Direct URL: http://osvdb.org/36218