Microsoft Access 97 Cleartext Password Storage

1998-06-23T00:00:00
ID OSVDB:5887
Type osvdb
Reporter Adam Shostack(adam@homeport.org)
Modified 1998-06-23T00:00:00

Description

Vulnerability Description

Microsoft Access contains a flaw that may lead to an unauthorized password exposure. It is possible to gain access to plaintext passwords when a Access database file (.mdb) is leaked, which may lead to a loss of confidentiality and integrity.

Solution Description

Currently, there are no known upgrades or patches to correct this issue. It is possible to correct the flaw by implementing the following workaround: Use a third party encryption system, such as PGP.

Short Description

Microsoft Access contains a flaw that may lead to an unauthorized password exposure. It is possible to gain access to plaintext passwords when a Access database file (.mdb) is leaked, which may lead to a loss of confidentiality and integrity.

References:

Other Advisory URL: http://archives.neohapsis.com/archives/bugtraq/1999_1/0457.html ISS X-Force ID: 1774 Generic Informational URL: http://groups.google.com/groups?oi=djq&selm=an_365308578 CVE-1999-0364