Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

security problem with Royal daVinci

From: sigel () QUIKNET COM (Dustin Destree)
Date: Fri, 1 Jan 1999 17:51:05 -0800

This is a multi-part message in MIME format.

------=_NextPart_000_0050_01BE35AF.4E1C9EC0
Content-Type: text/plain;
        charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

ok, aleph, you told me that when I find a security problem with the =
daVinci, to let you know, ok here it is:
the PIM software for the computer (that the daVinci synches with) stores =
all data in .mdb (MS Access format), and with the PIM software, private =
records can be set up to require a password, if you use MS Access to =
read the .mdb files, you can open up the files and get the personal =
information without requiring any password whatsoever.
This bug was found by david breslauer, and another avid reader of my =
daVinci site:
http://www.quiknet.com/~sigel/davinci
--
Dustin Destree
sigel () quiknet com / sigel () oldwarez com
System Administrator SW Inc / GhettoNET
System Administrator The Static Void Project

------=_NextPart_000_0050_01BE35AF.4E1C9EC0
Content-Type: text/html;
        charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

<!DOCTYPE HTML PUBLIC "-//W3C//DTD W3 HTML//EN">

<HTML>
<HEAD>

<META content=3Dtext/html;charset=3Diso-8859-1 =
http-equiv=3DContent-Type>
<META content=3D'"MSHTML 4.72.3612.1700"' name=3DGENERATOR>
</HEAD>
<BODY bgColor=3D#ffffff>
<DIV><FONT color=3D#000000 size=3D2>ok, aleph, you told me that when I =
find a=20
security problem with the daVinci, to let you know, ok here it =
is:</FONT></DIV>
<DIV><FONT size=3D2>the PIM software for the computer (that the daVinci =
synches=20
with) stores all data in .mdb (MS Access format), and with the PIM =
software,=20
private records can be set up to require a password, if you use MS =
Access to=20
read the .mdb files, you can open up the files and get the personal =
information=20
without requiring any password whatsoever.</FONT></DIV>
<DIV><FONT size=3D2>This bug was found by david breslauer, and another =
avid reader=20
of my daVinci site:</FONT></DIV>
<DIV><FONT size=3D2>http://www.quiknet.com/~sigel/davinci</FONT></DIV>
<DIV><FONT color=3D#000000 size=3D2>--<BR>Dustin Destree<BR><A=20
href=3D"mailto:sigel () quiknet com">sigel () quiknet com</A> / <A=20
href=3D"mailto:sigel () oldwarez com">sigel () oldwarez com</A><BR>System =
Administrator=20
SW Inc / GhettoNET<BR>System Administrator The Static Void=20
Project</FONT></DIV></BODY></HTML>

------=_NextPart_000_0050_01BE35AF.4E1C9EC0--
Previous By Date Next
Previous By Thread Next

Current thread: