Recycle Bin Unavailability of Service

Secure Target Network (Security Advisory August 04, 2003)

Topic: Recycle Bin Unavailability of Service
Discovery date: July 24, 2003
External: Neohapsis, Full-Disclosure, Security Corporation

Affected applications and platforms:
Windows XP Service Pack 1
Not affected applications and platforms:
Windows 2000 Service Pack 3 (and may others)

Introduction:
I’m sure this is related to security issues because it gets in touch with availability. So, you may want to explore some places with your “Windows Explorer” or “My Computer” from else where. That’s make no sense to you but ever doing exploring from “Recycle Bin” to anywhere else?
You can’t do this and this is a kind of Unavailability!
When you clicked on “Recycle Bin” on any address bar, the word become highlighted and when you trying to type a path, the words and phrases you typed, turn to “Recycle Bin”. This way, you cannot change MANUALLY to any desired location from “Recycle Bin”.

Exploit:
There’s no exploit for this misbehavior but you would be aware of unavailability this situation brings to your desktop because some day may you have not any mouse.

Workaround:
This involved with Windows XP GUI behavior and may fix in future but if you want workaround that, just copy and paste you desire path and press “ENTER” as fast as possible.

Tested on:
Windows XP Service Pack 1
Windows 2000 Service Pack 3

Feedback:
Kaveh Mofidi ( Admin (at) SecureTarget [dot] net )
SECURE TARGET, Cyber Security Research

Secure Target Network (Security Advisory October 27, 2002)

Topic: OE DBX Exposure
Discovery date: October 02, 2002
Discovered by: Kaveh Mofidi
External: Security Tracker, Bugtraq, Secunia
Affected applications and platforms:
All versions of Outlook Express on any Windows platform

Introduction
You already worked with .dbx files, storing and managing your messages under OE. A default folder takes care of them:
%windrive%\Documents and Settings\User Profile\Local Settings\Application Data\Identities\{Class ID}\Microsoft\Outlook Express
All of your messages will give named by their folders and all folders are defined at Folders.dbx file.
When you delete your messages, they move on Deleted Items.dbx (Deleted Items folder), so when you exit from OE, they must gone but this isn’t happening.
Even when you choose “Empty messages from the ‘Deleted Items’ folder on exit” they remain in both yourfolder.dbx and Deleted Items.dbx files.

Exploit
As you can probably see, this may effect in a wide range of exposure attacks; no escalation of privileges or any other system compromise directly happen. So, anybody with physical access to your computer would be the reader of your email messages and any private information there.

Workaround
Manipulating messages and folders containing them may change the way OE refresh its operations but also may lead to leaving more and more DBX files exposed. The only solution to this issue is to deleting the whole target folder.

Tested on
Outlook Express 6.0.2600.0000 on Windows XP
Outlook Express 6.0.2600.0000 and 6.0.2800.1106 on Windows 2000 SP3

Feedback
Kaveh Mofidi ( Admin (at) SecureTarget [dot] net )
SECURE TARGET, Cyber Security Research

New Vulnerability Disclosure Policy

Effective today March 20, 2002, SECURE TARGET will be following a new policy in regards to the disclosure of vulnerability information:

All vulnerabilities discovered by SECURE TARGET or any member of the entity including myself shall will be kept private during discovery and even after initial submission to vendors, unless otherwise explicitly considered harmless with no serious threat or active exploitation.

This policy makes the primary policy “Full disclosure of vulnerability information” ineffective immediately and SECURE TARGET will no longer support disclosure of vulnerabilities as a proactive countermeasure to malicious hacking. We no longer believe in full-disclosure of vulnerabilities as a way of defending against malicious hackers, or strengthening security community. Disclosure of computer security vulnerabilities never made us stronger against hacker community. They maliciously use information to attack networks and users promptly, but the security community never uses this information fast enough to actively mitigate the root causes, so the logic simply does not work.

All the articles publishing from today shall follow the new principle.

SECURE TARGET Anti-Piracy Policy

at SECURE TARGET we ban Software Piracy and we consider it a cyber crime:

  1. SECURE TARGET spreads the words against software piracy, we do not support using of any unpaid commercial software, or without explicit written permission of author.
  2. SECURE TARGET encourage not to use any type of pirated software, warez, cracks, keygens or any other kind of illegal copied software at all.
  3. There is a lot of professional free software applications which probably cover almost all of our needs if one’s cannot afford paying for commercial software.
  4. SECURE TARGET does not accept services or goods from/to people who use pirated licenses: i.e. hostings, gaming platforms, developers…
  5. We respect production of software and there is no exception to software piracy regardless of country or purpose.