[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-disclosure] Vulnerability discloses PIN used in Microsoft Excel secure printing

To: full-disclosure@xxxxxxxxxxxxxxxxx
Subject: [Full-disclosure] Vulnerability discloses PIN used in Microsoft Excel secure printing
From: Ed Murphy <ed.b.murphy@xxxxxxxxx>
Date: Mon, 31 Jan 2011 19:01:59 +1100

Hello list,

Stumbled across this today.  It appears Excel spreadsheets store
printer information including the PIN you might use when trying to do
a "secure" print.

http://insecureprinting.com/Microsoft_Excel_Spreadsheets_Expose_User_PIN_Used_for_Confidential_Secure_Printing.pdf

The paper is quite thorough and shows that in most cases the PIN is
stored in clear text in the spreadsheet, though some printer vendors
try to obfuscate the PIN (though not very successfully).

Thanks,
Ed

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Follow-Ups:
- Re: [Full-disclosure] Vulnerability discloses PIN used in Microsoft Excel secure printing
  - From: Cal Leeming [Simplicity Media Ltd]

Prev by Date: [Full-disclosure] Harvard.edu LFI
Next by Date: Re: [Full-disclosure] Harvard.edu LFI
Previous by thread: Re: [Full-disclosure] Harvard.edu LFI
Next by thread: Re: [Full-disclosure] Vulnerability discloses PIN used in Microsoft Excel secure printing
Index(es):
- Date
- Thread