New User, Welcome!     Login

Hamburg, Germany

AW: MS Office 2007: Digital Signature does not protect Meta-Data

H.-D. Naujoks
TV SD Informatik und Consulting Services GmbH


-----Ursprngliche Nachricht-----
Von: Henrich C. Poehls [mailto:poehls@informatik.uni-hamburg.de] 
Gesendet: Freitag, 14. Dezember 2007 12:08
An: Naujoks, Hans-Dietmar
Cc: bugtraq@securityfocus.com
Betreff: Re: MS Office 2007: Digital Signature does not protect Meta-Data

Re: MS Office 2007: Digital Signature does not protect Meta-Data

Best Regards,
Henrich C. Phls

[1] Screenshot of a German Word 2007 GUI showing modified MetaData, and
the intact digital signature
<http://www.informatik.uni-hamburg.de/SVS/personnel/henrich/bugtraq_word_metatdata_screenshot.jpg>


> -----Ursprngliche Nachricht-----
> Von: poehls@informatik.uni-hamburg.de [mailto:poehls@informatik.uni-hamburg.de] 
> Gesendet: Mittwoch, 12. Dezember 2007 11:35

Re: MS Office 2007: Digital Signature does not protect Meta-Data

Best Regards,
Henrich C. Phls

> -----Ursprngliche Nachricht-----
> Von: Henrich C. Poehls [mailto:poehls@informatik.uni-hamburg.de] 
> Gesendet: Freitag, 14. Dezember 2007 12:08
> An: Naujoks, Hans-Dietmar
> Cc: bugtraq@securityfocus.com
> Betreff: Re: MS Office 2007: Digital Signature does not protect Meta-Data
>

Re: Latest round of web hacking incidents for 2007 & Project news

>     * Country: Germany
>     * Outcome: Leakage of Information
>     * Vertical: e-commerce
>
> An unidentified group had stolen credit card numbers and billing addresses
> of the Hamburg, Germany ticket sales office Kartenhaus, a subsidiary of
> Ticketmaster. Some 66,000 customers who purchased tickets with a credit card
> from the Kartenhaus.de web site between October 24, 2006 and September 30,
> 2007 were affected.
>
>

[IMF 2011] 2nd Call - Deadline Extended

------------------
Rafael Accorsi          Universitaet Freiburg, Germany
Susan Brenner           University of Dayton, USA
Jack Cole               US Army Research Laboratory, USA
Andrew Cormack          JANET, UK
Andreas Dondera         Landeskriminalamt Hamburg, Germany
Ralf Doerrie            Germany
Ralf Ehlert             Universitaet Magdeburg, Germany
Felix Freiling          Universitaet Mannheim, Germany
Sandra Frings           Fraunhofer IAO, Germany
Oliver Goebel           Universitaet Stuttgart, Germany

[IMF 2011] Call for Participation

=================
Rafael Accorsi          Universitaet Freiburg, Germany
Susan Brenner           University of Dayton, USA
Jack Cole               US Army Research Laboratory, USA
Andrew Cormack          JANET, UK
Andreas Dondera         Landeskriminalamt Hamburg, Germany
Ralf Doerrie            Germany
Ralf Ehlert             Universitaet Magdeburg, Germany
Felix Freiling          Universitaet Mannheim, Germany
Sandra Frings           Fraunhofer IAO, Germany
Oliver Goebel           Universitaet Stuttgart, Germany

IMF 2007 - Call for Participation

Program Committee 
----------------- 
  Susan Brenner, University of Dayton - School of Law, USA 
  Klaus Brunnstein, University of Hamburg, Germany 
  Brian Carrier, Basis Technology, USA 
  Jack Cole, US Army Research Laboratory, USA 
  Andrew Cormack, UKERNA, UK 
  Ralf Doerrie, Telekom-CERT, Germany 
  Sandra Frings, Fraunhofer IAO, Germany

IMF 2007 - 2nd Call for Participation

Program Committee 
----------------- 
  Susan Brenner, University of Dayton - School of Law, USA 
  Klaus Brunnstein, University of Hamburg, Germany 
  Brian Carrier, Basis Technology, USA 
  Jack Cole, US Army Research Laboratory, USA 
  Andrew Cormack, UKERNA, UK 
  Ralf Doerrie, Telekom-CERT, Germany 
  Sandra Frings, Fraunhofer IAO, Germany

RE: Latest round of web hacking incidents for 2007 & Project news

    * Country: Germany
    * Outcome: Leakage of Information
    * Vertical: e-commerce

An unidentified group had stolen credit card numbers and billing addresses
of the Hamburg, Germany ticket sales office Kartenhaus, a subsidiary of
Ticketmaster. Some 66,000 customers who purchased tickets with a credit card
from the Kartenhaus.de web site between October 24, 2006 and September 30,
2007 were affected.

RE: Latest round of web hacking incidents for 2007 & Project news

    * Country: Germany
    * Outcome: Leakage of Information
    * Vertical: e-commerce

An unidentified group had stolen credit card numbers and billing addresses
of the Hamburg, Germany ticket sales office Kartenhaus, a subsidiary of
Ticketmaster. Some 66,000 customers who purchased tickets with a credit card
from the Kartenhaus.de web site between October 24, 2006 and September 30,
2007 were affected.

Latest round of web hacking incidents for 2007 & Project news

    * Country: Germany
    * Outcome: Leakage of Information
    * Vertical: e-commerce

An unidentified group had stolen credit card numbers and billing addresses
of the Hamburg, Germany ticket sales office Kartenhaus, a subsidiary of
Ticketmaster. Some 66,000 customers who purchased tickets with a credit card
from the Kartenhaus.de web site between October 24, 2006 and September 30,
2007 were affected.

IMF 2008 - Call for Papers

Program Committee
-----------------
Susan Brenner                   University of Dayton, USA
Klaus Brunnstein                University of Hamburg, Germany
Jack Cole                       US Army Research Laboratory, USA
Andrew Cormack                  JANET, UK
Ralf Doerrie                    Germany
Sandra Frings                   Fraunhofer IAO, Germany
Oliver Goebel                   RUS-CERT, Germany

[IMF 2011] Call for Papers

------------------
Rafael Accorsi          Universitaet Freiburg, Germany
Susan Brenner           University of Dayton, USA
Jack Cole               US Army Research Laboratory, USA
Andrew Cormack          JANET, UK
Andreas Dondera         Landeskriminalamt Hamburg, Germany
Ralf Doerrie            Germany
Ralf Ehlert             Universitaet Magdeburg, Germany
Felix Freiling          Universitaet Mannheim, Germany
Sandra Frings           Fraunhofer IAO, Germany
Oliver Goebel           Universitaet Stuttgart, Germany

IMF 2008 - Deadline Extension (2nd try)

Program Committee
-----------------
Susan Brenner                   University of Dayton, USA
Klaus Brunnstein                University of Hamburg, Germany
Jack Cole                       US Army Research Laboratory, USA
Andrew Cormack                  JANET, UK
Ralf Doerrie                    Germany
Sandra Frings                   Fraunhofer IAO, Germany
Oliver Goebel                   RUS-CERT, Germany

IMF 2008 - Call for Participation

Program Committee
-----------------
Susan Brenner                   University of Dayton, USA
Klaus Brunnstein                University of Hamburg, Germany
Jack Cole                       US Army Research Laboratory, USA
Andrew Cormack                  JANET, UK
Ralf Doerrie                    Germany
Sandra Frings                   Fraunhofer IAO, Germany
Oliver Goebel                   RUS-CERT, Germany

IMF 2008 - 2nd Call for Papers

Program Committee
-----------------
Susan Brenner                   University of Dayton, USA
Klaus Brunnstein                University of Hamburg, Germany
Jack Cole                       US Army Research Laboratory, USA
Andrew Cormack                  JANET, UK
Ralf Doerrie                    Germany
Sandra Frings                   Fraunhofer IAO, Germany
Oliver Goebel                   RUS-CERT, Germany

OpenOffice: Duplicated, Unprotected Certificate Information shown in Signed ODF Documents

Yours,
Henrich C. Poehls, Dong Tran, Finn Petersen, Frederic Pscheid
SVS - Dept. of Informatics - University of Hamburg

MS Office 2007: Digital Signature does not protect Meta-Data

Yours,
Henrich C. Poehls, Dong Tran, Finn Petersen, Frederic Pscheid
SVS - Dept. of Informatics - University of Hamburg

Re: AW: MS Office 2007: Digital Signature does not protect Meta-Data

> Yours
> H.-D. Naujoks
> T=C3=9CV S=C3=9CD Informatik und Consulting Services GmbH
>=20
> -----Urspr=C3=BCngliche Nachricht-----
> Von: poehls@informatik.uni-hamburg.de [mailto:poehls@informatik.uni-hambu=
rg.de]=20
> Gesendet: Mittwoch, 12. Dezember 2007 11:35
> An: bugtraq@securityfocus.com
> Betreff: MS Office 2007: Digital Signature does not protect Meta-Data
>=20

MS Office 2007: Target of Hyperlinks not covered by Digital Signatures

Yours,
Henrich C. Poehls, Dong Tran, Finn Petersen, Frederic Pscheid
SVS - Dept. of Informatics - University of Hamburg

AW: MS Office 2007: Digital Signature does not protect Meta-Data

Yours
H.-D. Naujoks
TV SD Informatik und Consulting Services GmbH

-----Ursprngliche Nachricht-----
Von: poehls@informatik.uni-hamburg.de [mailto:poehls@informatik.uni-hamburg.de] 
Gesendet: Mittwoch, 12. Dezember 2007 11:35
An: bugtraq@securityfocus.com
Betreff: MS Office 2007: Digital Signature does not protect Meta-Data


Copyright © 1995-2012 LinuxRocket.net. All rights reserved.

Nearly all of LinuxRocket's features are free. Be kind and donate to the cause!